OneDev
Dashboards
Projects
Global Views
Code Search
server
Code
Pull Requests
Issues
List
Boards
Iterations
Builds
Packages
Statistics
Child Projects
Audit Log
OneDev 14.0.6
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects onedev server Issues OD-2434
Detecting malicious unicode in merge requests (OD-2434)
daniel-developer opened 8 months ago

Gitea supports helpfully highlights and informs the about unicode confusables: It warns that the replacement is using “ambiguous Unicode characters” - https://daniel.haxx.se/blog/2025/05/16/detecting-malicious-unicode/.

image_2.png

Would you mind to add something similar to onedev?

image_3.png

A webservice to test strings: https://util.unicode.org/UnicodeJsps/confusables.jsp

Thanks a lot.

👍 1
  • Robin Shen commented 8 months ago

    Thanks for the info. Will look into this.

  • OneDev commented 8 months ago

    State changed as code fixing the issue is committed (a630e762)

  • OneDev changed state to 'Closed' 8 months ago
    Previous Value Current Value 
    Open
    		 
    Closed
  • OneDev commented 8 months ago

    State changed as build OD-6262 is successful

  • OneDev changed state to 'Released' 8 months ago
    Previous Value Current Value 
    Closed
    		 
    Released
  • bufferUnderrun commented 8 months ago

    very nice !!

issue 1/1
Type
New Feature
Priority
Normal
Assignee
Robin Shen
Labels
No labels
Issue Votes (0)
Login to vote
Watchers (4)
Reference
OD-2434
Please wait...
Connection lost or session expired, reload to recover
Page is in error, reload to recover