New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Listen on 127.0.0.1, not 0.0.0.0, by default #1205

Merged
merged 1 commit into from Aug 22, 2017

Conversation

Projects
None yet
1 participant
@ddfreyne
Member

ddfreyne commented Aug 20, 2017

nanoc view listens on all network interfaces by default, which is potentially problematic, as exposes the (compiled) Nanoc site to other devices.

This is a potential security issue.

@ddfreyne

This comment has been minimized.

Show comment
Hide comment
@ddfreyne

ddfreyne Aug 20, 2017

Member

CC @whitequark — this is what I mentioned in #1204.

Member

ddfreyne commented Aug 20, 2017

CC @whitequark — this is what I mentioned in #1204.

@ddfreyne ddfreyne merged commit d8232fa into master Aug 22, 2017

3 checks passed

codecov/patch 100% of diff hit (target 98.7%)
Details
codecov/project 98.71% (+<.01%) compared to 9c603c9
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@ddfreyne ddfreyne deleted the default-host-not-0000 branch Aug 22, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment