mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2026-06-23 04:10:17 +00:00
Erik Michelson
c489497e45
This change removes the meta-marked dependency which solely was used for extracting the frontmatter, which is possible as well with one function. Furthermore, this introduces constraints to objects resulting from frontmatter parsing and enforces them in order to prevent attacks like a yaml bomb (massive alias expansion). This change should resolve a possible DoS attack. Signed-off-by: Erik Michelson <github@erik.michelson.eu>