woodwind
woodwind copied to clipboard
kylewm
Unsophisticated stream-style indieweb reader supporting h-feed and xml formats
Bumps [bleach](https://github.com/mozilla/bleach) from 2.1.1 to 3.3.0. Changelog Sourced from bleach's changelog. Version 3.3.0 (February 1st, 2021) Backwards incompatible changes clean escapes HTML comments even when strip_comments=False Security fixes Fix bug...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [cryptography](https://github.com/pyca/cryptography) from 2.1.3 to 3.2. Changelog Sourced from cryptography's changelog. 3.2 - 2020-10-25 * **SECURITY ISSUE:** Attempted to make RSA PKCS#1v1.5 decryption more constant time, to protect against Bleichenbacher...
Bumps [jquery](https://github.com/jquery/jquery) from 2.2.4 to 3.5.0. Commits 7a0a850 3.5.0 8570a08 Release: Update AUTHORS.txt da3dd85 Ajax: Do not execute scripts for unsuccessful HTTP responses 065143c Ajax: Overwrite s.contentType with content-type header...
Bumps [werkzeug](https://github.com/pallets/werkzeug) from 0.11.9 to 0.15.3. Release notes *Sourced from [werkzeug's releases](https://github.com/pallets/werkzeug/releases).* > ## 0.15.3 > * Blog: https://palletsprojects.com/blog/werkzeug-0-15-3-released/ > * Changes: https://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-3 > > > ## 0.15.2 > *...
Hey, I noticed a possible XSS (https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)) vulnerability in line: https://github.com/kylewm/woodwind/blob/82fc01dbf489185feda2e7c2037c76d1f44f4b85/woodwind/push.py#L40 Unsanitized user input gets into flask.make_response() and then into user's browser. This opens a possibility for the attacker to...
The was stripped from this post: https://gregorlove.com/2017/12/currently-reading-a-wrinkle-in/
Following https://instagram-atom.appspot.com, the generated feed works in the browser but Woodwind throws a 500 error when trying to subscribe to it.
Typing in "tantek.com" should "just work" in the "Subscribe to URL" input box. Right now it doesn't. It gives you an error that says "Please enter a URL". Not user...
If a feed has a 301 redirect, it would be nice if Woodwind would follow that and update the subscription URL. I subscribed to http://gregorlove.com/notes/ before I went https-only and...
On my site, 00dani.me, I've declared my authorisation endpoint like so: ```html ``` The correct behaviour when attempting to log in to Woodwind as 00dani.me would be, therefore, to redirect...
