Tim Düsterhus

Investigate normalizing the username / email for SFS processing

4

This change is not correct. - The local part of an email address is case sensitive and thus must not be normalized ([RFC 5321#2.3.11](https://tools.ietf.org/html/rfc5321#section-2.3.11)). - I however acknowledge that in...

Clean Up Exception Handling

1

The current handling Exceptions is historically grown and suffers from quite a few issues. Among these are unreadable god methods in core.functions.php, Layering Violations, because some Exceptions concern themselves with...

Neither immediately, nor in rebuild workers.

Pass the CSRF token for Ajax requests in an X-XSRF-TOKEN request header

2

… add this header automatically for same-site requests and pull the value out of the X-XSRF-TOKEN cookie. Rationale: Passing the CSRF token as an URL parameter is questionable. The described...

> Is it intented to remove the possibility to execute the scripts on the devtools sync page? https://github.com/WoltLab/WCF/commit/d5b180155d5805bda7e3132df2f4fde6627a49db#commitcomment-55519515

Add PackageManifest

1

This PR, as of right now, adds a `PackageManifest` class that generates a packages manifest summarizing the security critical identifiers of a package. The following design choices were made: -...

Misleading error message when passing percentage instead of scalar between 0 and 1

4

```scss $test: #FFF; :root { color: fade-out($test, 100%); } ``` results in the error message: ``` Error: $amount: Expected 100% to be within 0% and 1%: test.scss on line 4,...

Math involving return value of function does not simplify result

4

This is an issue encountered while working with Font Awesome 6 Beta 2. The Font Awesome files can be found here: https://fontawesome.com/download Font Awesome includes a custom `divide` implementation in...