-
If this isn't already in Wagtail it would be useful to prevent, where possible, impersonation of users via
1. Commonly-used titles of authority, e.g. "administrator", "moderator", etc.
2. [Homographic…
-
Existing browsers have sets of conditionals for performing name lookups and partially mitigating homograph attacks. In their case, DNS is ASCII-based, so they can resort to Punycode.
Since ENS is Uni…
-
Right now, if a MUC's JID contains non-ASCII characters, it is displayed in Punycode. For example, if a chatroom address is `chat@café.example`, it will be displayed as `chat@xn--caf-dma.example`.
Th…
-
Qualified handshake domains like `gregosuri` are valid, but do not appear to pass our hostname tests, and give an error of invalid hostname.
Why?
-
This is a follow-up from a conversation around https://popey.com/blog/2024/02/exodus-bitcoin-wallet-490k-swindle/ and how Flathub is vulnerable.
We already do pretty well with
* All new submission…
-
What character set? What is illegal? Is space allowed? Valid UTF-8 or arbitrary bytes? etc. etc.
-
![Screen Shot 2019-08-23 at 6 57 45 PM](https://user-images.githubusercontent.com/31873152/63584462-f4f75080-c5d7-11e9-8bb9-cf6ba94a4efa.png)
I ran `ccstake --rpc-server 127.0.0.1:8080 validators`
…
-
Currently, the workshop covers 5 common security vulnerabilities:
1. Sensitive data exposure
2. Broken access control
3. Cross-site scripting (XSS)
4. SQL injection
5. Insecure deserialization
…
-
See https://github.com/solid/node-solid-server/issues/824#issuecomment-436028869
Basically, follow the lead of Django (web framework, written in Python) when normalising the usernames for slugs.
T…
-
Nice work, but I visualized the matching of HPatches, and SuperPoint failed in all rotation cases. Maybe rotation is not included in the training augmentation?