From 3c2b51c7cb249e7c0fc92023ac556d324ac3d774 Mon Sep 17 00:00:00 2001
From: Lain Soykaf <lain@lain.com>
Date: Tue, 11 Mar 2025 17:57:45 +0400
Subject: Changelog: Add missing changelog entries

---
 changelog.d/cross-domain-redirect-check.security | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changelog.d/cross-domain-redirect-check.security

(limited to 'changelog.d/cross-domain-redirect-check.security')

diff --git a/changelog.d/cross-domain-redirect-check.security b/changelog.d/cross-domain-redirect-check.security
new file mode 100644
index 000000000..9201de794
--- /dev/null
+++ b/changelog.d/cross-domain-redirect-check.security
@@ -0,0 +1 @@
+Reject cross-domain redirects when fetching ActivityPub objects to prevent bypassing domain-based security controls.
\ No newline at end of file
-- 
cgit v1.2.3