-
Since we don't parameterize the CORS allowed hosts, the list of allowed hosts includes testing domains, even in prod:
From `settings.py`
```
ALLOWED_HOSTS = [
"db.grandsvc.mesh.nycmesh.net",…
-
https://app.snyk.io/org/fecgov/project/a95ea997-b012-4b3b-a026-2fdbe6ac0398#issue-SNYK-PYTHON-FLASKCORS-7707876
[https://app.snyk.io/org/fecgov/project/a95ea997-b012-4b3b-a026-2fdbe6ac0398#issue-…
-
We are using a custom auth and a custom default-backend for authenticating our frontend apps:
```
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress…
-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### Can the issue be reproduced with the default theme (daylight/midnight)?
- [X] I was able to reproduce the iss…
-
### What happened?
| | |
| ------------- | ------------- |
| Vulnerability | Denial of service via malicious preflight requests in github.com/rs/cors|
| GitHub Advisory | https://github.co…
-
### Your current environment
```text
Collecting environment information...
WARNING 07-22 09:16:28 _custom_ops.py:14] Failed to import from vllm._C with ModuleNotFoundError("No module named 'vllm._C…
-
Firstly, thank you for the work! Alexandrite is very cool and I think it is progressing well =). You might have thought about some of this a bit more than me but hopefully there is something useful in…
-
### Describe the bug
Hi!
We encountered an issue with version 5.4.3 that breaks our app in production:
- fix(preload): add crossorigin attribute in CSS link tags (#17930) ([15871c7](https://git…
-
**Describe the bug**
The `str.character_ngrams` function produces token `` for strings which are lesser than the provided `n` (shown in image for the case of bigrams).
![result output](https://githu…
-
Auth 1.0 assumes that the client's credentialled requests for content resources are made with cookies.
This isn't a 100% requirement - the auth spec would work just as well if the server were authori…