Commit Graph

11 Commits

Author SHA1 Message Date
DegrangeM
9472ac4401
Fix vulnerability (#252)
* Improve and simplify code handling CORS

* Don't execute request when origin not allowed

Fix vulnerability

* Remove webCorsOrigin legacy option

It's confusing (and potentially insecure as removing webCorsOrigin in configuration would still set it to localhost)

* Allow 127.0.0.1 and browser extension if localhost allowed
2021-05-05 22:31:11 -07:00
421ca35c09 Fix missing return 2021-02-22 19:25:12 -08:00
6487abe206 Fix typo 2021-01-19 21:59:45 -08:00
322984be06 Cleanup 2021-01-18 20:18:57 -08:00
c0cdc8e575 Update copyrights 2021-01-17 22:15:48 -08:00
431ee362fc Initial cleanup pass 2021-01-17 22:13:27 -08:00
grepmew
06dff21107
Add support for video and pictures when adding or updating a note. (#207)
- Sound and video share same [sound:..] tag. See 0c08ff5317/pylib/anki/sound.py (L33)
- Tested and verified picture is added and video is added when `addNote` API.
2020-12-05 21:24:50 -08:00
Albert
da837b2d47 Complete 975c069 fixes 2020-04-05 01:28:37 +08:00
c64e78addf cleanup 2020-03-05 19:33:27 -08:00
Yannick Mau
002b7cbf97 Deprecate field 'webCorsOrigin' but keep temporary support for it. 2020-02-28 01:17:53 +01:00
173e43700b Cleanup 2020-01-05 15:42:08 -08:00