-
Notifications
You must be signed in to change notification settings - Fork 3.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Tweak SECURITY and add a Security policy section to docs
- Loading branch information
1 parent
614866e
commit 0a87317
Showing
2 changed files
with
17 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,14 @@ | ||
# Security Policy | ||
# Security policy | ||
|
||
## Reporting a Vulnerability | ||
## Reporting a vulnerability | ||
|
||
To report a vulnerability, please send an email to `security@httpie.io` describing the: | ||
When you identify a vulnerability in HTTPie, please report it privately using one of the following channels: | ||
|
||
- The description of the vulnerability itself | ||
- A short reproducer to verify it (you can submit a small HTTP server, a shell script, a docker image etc.) | ||
- The severity level classification (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`) | ||
- If associated with any, the [CWE](https://cwe.mitre.org/) ID. | ||
- Email to [`security@httpie.io`](mailto:security@httpie.io) | ||
- Report on [huntr.dev](https://huntr.dev/) | ||
|
||
In addition to the description of the vulnerability, please include also: | ||
|
||
- A short reproducer to verify it (it can be a small HTTP server, shell script, docker image, etc.) | ||
- Your deemed severity level of the vulnerability (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`) | ||
- [CWE](https://cwe.mitre.org/) ID, if available. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters