openzim / zimit-frontend

Zimit Public Web UI
https://zimit.kiwix.org
GNU General Public License v3.0

Limit download size for user-input URLs #67

Open rgaudin opened 1 month ago

rgaudin commented 1 month ago

With illustration already and behaviors soon (maybe?), our worker can be ordered to download arbitrary URLs without stopping at any specific size. That's a potential hazard.

We should check how the crawler enforces the limit we use as well; it could be a simple post-write check, which might be vulnerable as well.
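As an added illustration of the two enforcement styles discussed in this issue (this is example code, not code from zimit, the crawler, or scraperlib), the block below contrasts a post-write size check, which only rejects a payload after the whole thing has already been pulled down, with a streaming check that aborts as soon as the byte budget is exceeded. It also shows why a declared `Content-Length` is only a cheap pre-filter: the header is attacker-controlled, so the actual bytes must still be counted. The names `read_limited`, `post_write_check`, `download_url`, `CountingStream` and `compare_strategies` are assumptions chosen for this example; the in-memory payloads are constructed test data.

```python
import io
import urllib.request


class SizeLimitExceeded(Exception):
    """Raised when a download would exceed the configured byte budget."""


class CountingStream:
    """Wraps a file-like object and records how many bytes were actually
    read from it (constructed helper, used to compare the two strategies)."""

    def __init__(self, raw):
        self._raw = raw
        self.bytes_read = 0

    def read(self, n=-1):
        chunk = self._raw.read(n)
        self.bytes_read += len(chunk)
        return chunk


def post_write_check(stream, max_bytes):
    """Naive post-write check: the full payload is consumed (memory, disk,
    bandwidth) before the size is even looked at, so a hostile URL can
    still exhaust the worker before the check fires."""
    data = stream.read()
    if len(data) > max_bytes:
        raise SizeLimitExceeded(f"payload is {len(data)} bytes, limit is {max_bytes}")
    return data


def read_limited(stream, max_bytes, content_length=None, chunk_size=64 * 1024):
    """Streaming check: reject early on a declared Content-Length that is
    already too large, then count real bytes and stop at most one byte past
    the budget. The header is untrusted, so it is never the only check."""
    if content_length is not None and content_length > max_bytes:
        raise SizeLimitExceeded(f"declared {content_length} bytes, limit is {max_bytes}")
    buf = io.BytesIO()
    total = 0
    while True:
        # Never ask for more than (remaining budget + 1): one extra byte is
        # enough to prove the limit was crossed without over-reading.
        chunk = stream.read(min(chunk_size, max_bytes - total + 1))
        if not chunk:
            break
        total += len(chunk)
        if total > max_bytes:
            raise SizeLimitExceeded(f"exceeded {max_bytes} bytes while streaming")
        buf.write(chunk)
    return buf.getvalue()


def download_url(url, max_bytes, timeout=30):
    """Hypothetical network wrapper (assumption, not the project's API):
    fetch a user-supplied URL with urllib and apply the streaming limit."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        length = resp.headers.get("Content-Length")
        declared = int(length) if length and length.isdigit() else None
        return read_limited(resp, max_bytes, content_length=declared)


def compare_strategies(payload, max_bytes, declared_length=None):
    """Run both strategies over a constructed in-memory payload and report,
    per strategy, whether it accepted or rejected and how many bytes it
    actually consumed before deciding."""
    results = {}

    stream = CountingStream(io.BytesIO(payload))
    try:
        post_write_check(stream, max_bytes)
        results["post_write"] = ("accepted", stream.bytes_read)
    except SizeLimitExceeded:
        results["post_write"] = ("rejected", stream.bytes_read)

    stream = CountingStream(io.BytesIO(payload))
    try:
        read_limited(stream, max_bytes, content_length=declared_length)
        results["streaming"] = ("accepted", stream.bytes_read)
    except SizeLimitExceeded:
        results["streaming"] = ("rejected", stream.bytes_read)

    return results


if __name__ == "__main__":
    # Constructed 1000-byte payload against a 100-byte budget.
    print(compare_strategies(b"x" * 1000, 100))
```

With a 1000-byte payload and a 100-byte budget, the post-write check reads all 1000 bytes before rejecting, while the streaming check stops after 101. A payload that advertises a too-large `Content-Length` is rejected by the streaming path without reading anything, and a payload that lies about its length (small header, large body) is still caught by the byte count.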

benoit74 commented 1 month ago

Agreed, this is a "significant" security concern. Probably something to solve in scraper (or scraperlib even).