alex/anki-connect
1
Fork 0
Code Releases 7 Activity
1a08d79454
anki-connect/plugin
History
DegrangeM 9472ac4401
Fix vulnerability (#252) 
* Improve and simplify code handling CORS

* Don't execute request when origin not allowed

Fix vulnerability

* Remove webCorsOrigin legacy option

It's confusing (and potentially insecure as removing webCorsOrigin in configuration would still set it to localhost)

* Allow 127.0.0.1 and browser extension if localhost allowed
2021-05-05 22:31:11 -07:00
..
__init__.py Added "getMediaFilesNames" action (#247) 2021-04-11 21:26:03 -07:00
config.json Fix vulnerability (#252) 2021-05-05 22:31:11 -07:00
config.md Cleanup 2020-01-05 16:24:20 -08:00
util.py Fix vulnerability (#252) 2021-05-05 22:31:11 -07:00
web.py Fix vulnerability (#252) 2021-05-05 22:31:11 -07:00