Closed gordonwoodhull closed 4 years ago
Since the functions do GETs on the URLs provided, they can be used to cause the server to fetch file:// URLs or non-notebooks (that happen to have /gists/ in them - okay, not huge risk).
The inputs should be validated.
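
One way to validate the inputs before the server issues the GET, as an added example that is not part of the original issue or the project's code. The allowed host, the HTTPS-only rule and the `/gists/<id>` path shape are assumptions, and `validate_notebook_url` and `is_allowed` are hypothetical names.

```python
import re
from urllib.parse import urlsplit

# Assumptions (not from the issue): notebooks live only on this host, are
# fetched over HTTPS, and are addressed as /gists/<hex id>.
ALLOWED_HOSTS = {"api.github.com"}
GIST_PATH = re.compile(r"/gists/[0-9a-f]{1,64}")


def validate_notebook_url(url: str) -> str:
    """Return url unchanged if it is an acceptable notebook location, else raise ValueError."""
    # Reject whitespace and control characters up front; URL parsers may
    # silently strip them, so the fetched URL could differ from the checked one.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in url):
        raise ValueError("whitespace or control character in URL")
    parts = urlsplit(url)  # raises ValueError on malformed bracketed hosts
    # Scheme allow-list: this is what stops file:// (and ftp://, gopher://, ...).
    if parts.scheme != "https":
        raise ValueError(f"scheme {parts.scheme!r} not allowed")
    # user@host forms make the visible prefix differ from the real host.
    if parts.username is not None or parts.password is not None:
        raise ValueError("userinfo not allowed")
    if parts.port not in (None, 443):  # .port raises ValueError if non-numeric
        raise ValueError("non-default port not allowed")
    host = (parts.hostname or "").lower()
    if host not in ALLOWED_HOSTS:
        raise ValueError(f"host {host!r} not allowed")
    # Match the whole path, not a substring: "contains /gists/" is the weak
    # check the issue describes.
    if not GIST_PATH.fullmatch(parts.path):
        raise ValueError("path is not /gists/<id>")
    if parts.query or parts.fragment:
        raise ValueError("query and fragment not allowed")
    return url


def is_allowed(url: str) -> bool:
    """Boolean wrapper around validate_notebook_url."""
    try:
        validate_notebook_url(url)
        return True
    except ValueError:
        return False
```

The check covers only the URL as submitted; the fetch itself should also refuse redirects or re-validate each redirect target, since an allowed URL can redirect elsewhere.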