You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For test small nodejs server is launched, the only purpose of which is to receive filepath, convert it to binary and pass to the jvm side. In theory attacker can scan for the port on which this server is launched and pass an arbitrary filename - not necessarily from repo. If server will recognize file format it will give up the data for the attacker.
The obvious simplest countermeasure is to allow files only from within the project.
The text was updated successfully, but these errors were encountered:
For test small nodejs server is launched, the only purpose of which is to receive filepath, convert it to binary and pass to the jvm side. In theory attacker can scan for the port on which this server is launched and pass an arbitrary filename - not necessarily from repo. If server will recognize file format it will give up the data for the attacker.
The obvious simplest countermeasure is to allow files only from within the project.
The text was updated successfully, but these errors were encountered: