3a2e0b262e
Domains were previously not validated before being handled, leading to a potential scenario where someone could pass something like "element_url=127.0.0.1:<port>/<resource>" to access other resources on a machine running Whoogle. This change ensures that the resource used in both endpoints is a valid domain. This also includes validation of config names to prevent names from including path values such as "../../(etc)". |
||
---|---|---|
.. | ||
models | ||
static | ||
templates | ||
utils | ||
__init__.py | ||
__main__.py | ||
filter.py | ||
request.py | ||
routes.py | ||
version.py |