Y
Hacker News
new
|
ask
|
show
|
jobs
by
brians
72 days ago
They offer it as an option but default it to false! This is still a --footgun option but it’s the least unsafe version I’ve seen yet! Well done, Apfel authors.
1 comments
franze
72 days ago
thx for the report - a totally valid attack vector i was not aware of before, should be fixed
https://github.com/Arthur-Ficial/apfel/releases/tag/v0.6.23
- see also new
https://github.com/Arthur-Ficial/apfel/blob/main/docs/server...
link