Minetrack/lib
Hugo Manrique 0392fce6c3 Fix XSS by parsing player counts as raw data and validating favicon URIs (#116)
* Fix XSS by parsing player counts as raw data (instead of parsing it)

* Ensure the returned favicon is a data URI

* Force server favicon size to 64px

* Increase specificity of data URI validation

The previous commit would happily accept any domain (or subdomain) that started with "data"
2019-09-05 16:15:44 -05:00
..
database.js 3.1.0 (#69) 2017-03-14 17:07:58 -05:00
logger.js Quick clean up 2015-11-02 01:04:49 -06:00
mojang_services.js 3.1.0 (#69) 2017-03-14 17:07:58 -05:00
ping.js Fix XSS by parsing player counts as raw data and validating favicon URIs (#116) 2019-09-05 16:15:44 -05:00
server.js 3.1.0 (#69) 2017-03-14 17:07:58 -05:00
util.js Revert "Properly sort ping listing to ensure we don't wrongly smooth" 2017-08-09 00:35:13 -05:00