-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
handle windows paths better #17
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am cool with this but strongly think we ought to consider: 1) direct POST ...
of content via HTTP or 2) access from another HTTP URI after we dive into more secure development considerations. This step brings us farther down the path of madness and assisting LFI attacks. More to come in #18.
it might be slightly more difficult for an attacker to make a POST request, but we
|
I don't disagree, but we really need to go through a threat model on this, but you should not be exposing the server to the outside world (so it accepts traffic from any interface on the system, not just internal on loopback, explained here if I am not making obvious sense on first pass) and other things should be done if someone chooses to deploy in a "prod-by-default" configuration, which would include an AuthN/AuthZ proxy in front of it and TLS. But you, @david-waltermire, and I and others need to chat through that for a series of pieces one at a time. That is one of the first steps in #18, threat modeling. I approved the PR as-is for now. The next step is writing down some assumptions so we know what and why we want to do. I am happy with it for now, this is a local development tool. We will evolve to conducive to production deployment as we proceed with 18. |
No description provided.