mirror of
https://github.com/searxng/searxng.git
synced 2024-11-23 04:27:46 +01:00
6b59800dc6
The suggested configurations for nginx found in the documentation and templates lead to vulnerabilities allowing host spoofing [1] and path traversal [2], as reported by Gixy [3]. This commit fixes those issues. [1] https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md [2] https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md [3] https://github.com/yandex/gixy |
||
---|---|---|
.. | ||
default.apps-available |