Skip to content
Permalink
Browse files Browse the repository at this point in the history
fix: [security] restrict setting to cli only. enabling this setting c…
…ould allow potential ssrf attacks, as reported by Ianis BERNARD - NATO Cyber Security Centre
  • Loading branch information
righel committed Mar 17, 2022
1 parent 07b0917 commit 8dcf414
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion app/Model/Server.php
Expand Up @@ -5867,7 +5867,8 @@ private function generateServerSettings()
'value' => false,
'test' => 'testBool',
'type' => 'boolean',
'null' => true
'null' => true,
'cli_only' => 1
),
'rest_client_baseurl' => array(
'level' => 1,
Expand Down

0 comments on commit 8dcf414

Please sign in to comment.