Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Make sure to add proper CORS only on the listening ports #56

New issue
Copy link
New issue
Copy link
Open
Open
Make sure to add proper CORS only on the listening ports#56
Copy link
Assignees
zmoog
Labels
criticality: highOf high impactOf high impacttype: enhancementProposed improvementProposed improvement
@mastrolinux

Description

@mastrolinux
mastrolinux
opened on Jan 21, 2016
Issue body actions

https://github.com/arduino/arduino-create-agent/blob/devel/main.go#L220 Right now we cycle on every port and add too many CORS headers. It will allow an attacker to run a process on localhost and use our own certificate.

Metadata

Metadata

Assignees

Labels

criticality: highOf high impactOf high impacttype: enhancementProposed improvementProposed improvement

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions
    Morty Proxy This is a proxified and sanitized view of the page, visit original site.