Xss vuln (#299)

* [Security] Remove access to development site The development site wasn't used and had an XSS vulnerability. * Pin to previous version of Debian. Bookworm has new installation procedure for docker, this is a workaround until someone has cycles to submit a PR that trues up the Dockerfile to the new debian:bookworm procedure --------- Co-authored-by: Mark Mandel <markmandel@google.com>
googleforgames · Jul 25, 2023 · 356700b · 356700b
1 parent afa7432
commit 356700b
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 2 deletions.
diff --git a/Dockerfile.ci b/Dockerfile.ci
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-FROM debian
+FROM debian:bullseye
 
 RUN apt-get update
 RUN apt-get install -y -qq git make python3 virtualenv curl sudo unzip apt-transport-https ca-certificates openssl curl software-properties-common gnupg2

diff --git a/site/layouts/partials/navbar.html b/site/layouts/partials/navbar.html
@@ -31,7 +31,6 @@
 					Release
 				</a>
 				<div class="dropdown-menu" aria-labelledby="navbarDropdownMenuLink">
-					<a class="dropdown-item" href="https://development.open-match.dev/site/">Development</a>
 					<a class="dropdown-item" href="https://open-match.dev/site/">{{ .Site.Params.release_version }}</a>
 				</div>
 			</li>