github.com/nextcloud/nextcloud.com.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Lukas Reschke <lukas@statuscode.ch>	2021-05-28 11:13:28 +0300
committer	GitHub <noreply@github.com>	2021-05-28 11:13:28 +0300
commit	fd5fa561389b1e72ddc966e6f575ddfb46072c67 (patch)
tree	7023ee8f11382ac4ff72d312f7b1bcb77b719c0a /page-impressum.php
parent	32f5772c9fdd641ba68112dbf29074fe05758c43 (diff)

Fix several security concerns (#1471)

* Use REMOTE_ADDR field The other ones are not used at all. This would allow someone to spoof the configured IP address and bypass any rate limit. Signed-off-by: Lukas Reschke <lukas@statuscode.ch> * Add basic ratelimiting class Signed-off-by: Lukas Reschke <lukas@statuscode.ch> * Remove Mautic submission form Signed-off-by: Lukas Reschke <lukas@statuscode.ch> * Replace captcha with ratelimiter Signed-off-by: Lukas Reschke <lukas@statuscode.ch> * Space + tabs Signed-off-by: Lukas Reschke <lukas@statuscode.ch> * Dont check if no REDIS is defined in config Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Diffstat (limited to 'page-impressum.php')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: