Skip to content
Permalink
Browse files
security: SSRF External Images
This is an extension of `d98c2d0` and addresses an issue reported by
haxatron. This ensures the `Allow External Images` setting is Disabled by
default on new installs.
  • Loading branch information
JediKev committed Oct 7, 2021
1 parent e90d3be commit 1c6f98e62fb12b74a56b3f2f730da61ccd3004f2
Showing with 2 additions and 2 deletions.
  1. +1 −1 include/class.config.php
  2. +1 −1 include/i18n/en_US/config.yaml
@@ -230,7 +230,7 @@ class OsticketConfig extends Config {
'max_open_tickets' => 0,
'files_req_auth' => 1,
'force_https' => '',
'allow_external_images' => 1,
'allow_external_images' => 0,
);

function __construct($section=null) {
@@ -80,7 +80,7 @@ core:
ticket_number_format: '######'
ticket_sequence_id: 0
queue_bucket_counts: 0
allow_external_images: 1
allow_external_images: 0
task_number_format: '#'
task_sequence_id: 2
log_level: 2

0 comments on commit 1c6f98e

Please sign in to comment.