Mercurial > kallithea
diff tox.ini @ 7312:fa3365c94064 stable
repos: introduce low level check of clone URIs to prevent direct file system access to local repos
This is already checked in web form validation, but also check at low level to
make sure API access enforce the same invariants.
This issue was found and reported by
Kacper Szurek
https://security.szurek.pl/
author | Mads Kiilerich <mads@kiilerich.com> |
---|---|
date | Mon, 07 May 2018 11:38:40 +0200 |
parents | 768989c595aa |
children | 6a83b399bb3c |