mirror of https://github.com/searxng/searxng
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6b59800dc6
The suggested configurations for nginx found in the documentation and templates lead to vulnerabilities allowing host spoofing [1] and path traversal [2], as reported by Gixy [3]. This commit fixes those issues. [1] https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md [2] https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md [3] https://github.com/yandex/gixy |
4 years ago | |
---|---|---|
.. | ||
engines | ||
api.rst | ||
arch_public.dot | ||
architecture.rst | ||
buildhosts.rst | ||
engines.rst | 4 years ago | |
filtron.rst | 4 years ago | |
index.rst | ||
installation-apache.rst | 4 years ago | |
installation-docker.rst | ||
installation-nginx.rst | 4 years ago | |
installation-searx.rst | 4 years ago | |
installation-uwsgi.rst | ||
installation.rst | 4 years ago | |
morty.rst | 4 years ago | |
plugins.rst | 4 years ago | |
settings.rst | 4 years ago | |
update-searx.rst |