ikiwiki

Commit Graph

Author	SHA1	Message	Date
Simon McVittie	9a275b2f18	doc: Document security issues involving LWP::UserAgent Recommend the LWPx::ParanoidAgent module where appropriate. It is particularly important for openid, since unauthenticated users can control which URLs that plugin will contact. Conversely, it is non-critical for blogspam, since the URL to be contacted is under the wiki administrator's control. Signed-off-by: Simon McVittie <smcv@debian.org>	2019-02-26 22:21:31 +00:00

Author

SHA1

Message

Date

Simon McVittie

9a275b2f18

doc: Document security issues involving LWP::UserAgent

Recommend the LWPx::ParanoidAgent module where appropriate.
It is particularly important for openid, since unauthenticated users
can control which URLs that plugin will contact. Conversely, it is
non-critical for blogspam, since the URL to be contacted is under
the wiki administrator's control.

Signed-off-by: Simon McVittie <smcv@debian.org>

2019-02-26 22:21:31 +00:00

1 Commits (a80d5248ea902d7e85a68b9c6e663ff6e01abc1e)