-
> Recommend env flag to disable security for explicitly internal application use.
_Originally posted by @calonmerc in [#53](https://github.com/thijstakken/MusicService/issues/53#issuecomment-21234…
-
An attacker can bypass Shiro's authentication with a malicious request containing a payload
-
## Description
Detect unsuccessful (denied) Azure Active Directory Multi-Factor Authentication sign-in attempts followed by successful (approved) sign-in attempt. This may indicate an successful atte…
-
For example in config:
```yaml
authentication:
configuration:
bypass_header: X-Marathon-Plugins-Auth-Disabled
```
-
Hi, I would like to add a flag called 'ActivationEmailRequired' that we could set up in the settings.json. If the flag is set to 'No', for subscribing and unsubscribing to a pad, etherpad will not sen…
-
This is awesome and exactly what I need!
However, when running RStudio Server as a non root user, it seems to bypass the login page.
This is a big security risk for multi users systems.
Is there a …
-
Related: PR #7617
Related: issue #6729
For each visited profile, we fetch the following pages (unauthenticated): shared projects, favorited projects, curated studios, followed studios, followed us…
-
**Describe the bug**
All cognito session tokens id, access and refresh tokens are being persisted into localstorage. This goes against all industry security best practice of storing sensitive infomat…
-
Hi,
as an avid but paranoid self-hoster, I am considering hosting headscale on a cheap VPS in order to establish VPN connections between my devices. The distrust of the closed-source Tailscale coord…
-
The current process lacks a reset feature during use, i.e., when the user is unable to restore the pin, rendering the wallet unusable.
1. Add a reset function that requires verification of the user'…