mirror of https://github.com/searxng/searxng
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6b59800dc6
The suggested configurations for nginx found in the documentation and templates lead to vulnerabilities allowing host spoofing [1] and path traversal [2], as reported by Gixy [3]. This commit fixes those issues. [1] https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md [2] https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md [3] https://github.com/yandex/gixy |
4 years ago | |
---|---|---|
.. | ||
engines | 4 years ago | |
api.rst | 5 years ago | |
arch_public.dot | 4 years ago | |
architecture.rst | 5 years ago | |
buildhosts.rst | 4 years ago | |
engines.rst | 4 years ago | |
filtron.rst | 4 years ago | |
index.rst | 5 years ago | |
installation-apache.rst | 4 years ago | |
installation-docker.rst | 4 years ago | |
installation-nginx.rst | 4 years ago | |
installation-searx.rst | 4 years ago | |
installation-uwsgi.rst | 4 years ago | |
installation.rst | 4 years ago | |
morty.rst | 4 years ago | |
plugins.rst | 4 years ago | |
settings.rst | 4 years ago | |
update-searx.rst | 5 years ago |