dshanske
commented
6 years ago I can make it cs compliant. Because this is for users who may not be as savvy, not sure about it being behind a debugger. Can try to reimplement without a direct call.
Closed dshanske closed 6 years ago
dshanske
commented
6 years ago I can make it cs compliant. Because this is for users who may not be as savvy, not sure about it being behind a debugger. Can try to reimplement without a direct call.
pfefferle
commented
6 years ago Sorry, I forgot to give my +1... You do not have to fix all the issues, I was just curious what this file is for and if it might be a security risk if it is always publicly available and directly accessible...
dshanske
commented
6 years ago I don't think so, as all it does is check headers. But let me try to harden it a bit
dshanske
commented
6 years ago I don't see anything in the file that could be exploited.
This updates the documentation to include some authorization issue diagnostics. It also bundles and links to @Zegnat 's authdiag script to check same. I didn't see the need to write a new one as it seems to do the trick.