ejeschke / ginga

The Ginga astronomical FITS file viewer
BSD 3-Clause "New" or "Revised" License

TST: Security audit failed #1080

Closed pllim closed 5 months ago

pllim commented 7 months ago

@ejeschke, please look at https://github.com/ejeschke/ginga/actions/runs/7163626610/job/19502365317 and think about whether we should fix this or slap a `# nosec` on the offending lines. Thank you.

ejeschke commented 6 months ago

The SimpleXMLRPCServer is only used if the RC (Remote Control) plugin is started. Furthermore, the default host that the server interface starts up on is "localhost", so the server is not exposed outside the local host, unless the user overrides that.

I think we can put a "nosec" on it for now and leave this issue open. I've been thinking about replacing it with something else anyway. The nice thing about SimpleXMLRPCServer is that it didn't require any third party packages. Given that it is in the standard library, perhaps we will see a fix for this down the road in the standard Python release...
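The loopback-by-default reasoning in the comment above, as an added example (not Ginga's code and not part of the comment): a helper that refuses to bind `SimpleXMLRPCServer` to a non-loopback address unless the caller opts in, which is the condition under which a `# nosec` suppression holds. The names `make_rc_server`, `allow_remote` and the `ping` method are hypothetical.

```python
import ipaddress
import socket
# Suppression with its justification next to it: the server below is
# loopback-only unless the caller explicitly opts in.
from xmlrpc.server import SimpleXMLRPCServer  # nosec


def resolved_addresses(host):
    """Return every IPv4 address `host` resolves to (the server binds AF_INET)."""
    infos = socket.getaddrinfo(host, None, family=socket.AF_INET,
                               type=socket.SOCK_STREAM)
    return {ipaddress.ip_address(info[4][0]) for info in infos}


def is_loopback_only(host):
    """True only if the name resolves and every address is in 127.0.0.0/8."""
    addrs = resolved_addresses(host)
    return bool(addrs) and all(addr.is_loopback for addr in addrs)


def make_rc_server(host="localhost", port=0, allow_remote=False):
    """Hypothetical factory: build the XML-RPC server, loopback-only by default.

    A host such as "0.0.0.0" or a routable address is rejected before any
    socket is opened, unless allow_remote=True is passed deliberately.
    """
    if not allow_remote and not is_loopback_only(host):
        raise ValueError(
            f"refusing to expose XML-RPC on non-loopback host {host!r}; "
            "pass allow_remote=True to override"
        )
    server = SimpleXMLRPCServer((host, port), logRequests=False)
    server.register_function(lambda: "pong", "ping")  # placeholder method
    return server


if __name__ == "__main__":
    srv = make_rc_server("127.0.0.1")          # port 0: OS picks a free port
    print("listening on", srv.server_address)  # always a 127.x.x.x address
    srv.server_close()
    try:
        make_rc_server("0.0.0.0")              # all interfaces: rejected
    except ValueError as exc:
        print("blocked:", exc)
```
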

ejeschke commented 6 months ago

What do you think, @pllim?

pllim commented 6 months ago

`# nosec` sounds good if you think that is reasonable. I do not use the RC feature. Thanks!

ejeschke commented 5 months ago

Closed via #1081