ratify-project / ratify

Artifact Ratification Framework
https://ratify.dev
Apache License 2.0
189 stars 56 forks

Restrict http response size sent back to Gatekeeper #1195

Open akashsinghal opened 7 months ago

akashsinghal commented 7 months ago

What would you like to be added?

New verifiers, such as the vulnerability report verifier, will allow users to pass through artifact contents in the verifier report, which is embedded in the response body to GK. The response body can now potentially be unbounded, leading to potential issues. Ratify should explore whether this will pose an issue for the External Data response if the response size is too big.

Anything else you would like to add?

No response

Are you willing to submit PRs to contribute to this feature?
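
One way to bound the External Data response before it is written back to Gatekeeper, as an added example that is not Ratify's or Gatekeeper's own code. The types below mirror the shape of the `externaldata.gatekeeper.sh/v1beta1` ProviderResponse (key/value/error items plus a systemError) as locally declared copies, the 4096-byte cap and the `BoundedResponse`/`sampleResponse` names are hypothetical, and the oversized "verifier report" is a constructed stand-in string. When the serialized body exceeds the cap, the largest item values are dropped first and replaced by a per-item error, so Gatekeeper still receives well-formed JSON and the constraint can fail closed on the affected key instead of on a truncated document.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Local copies of the Gatekeeper External Data provider response shape
// (assumption: mirrors externaldata.gatekeeper.sh/v1beta1 ProviderResponse).
type ProviderResponse struct {
	APIVersion string   `json:"apiVersion"`
	Kind       string   `json:"kind"`
	Response   Response `json:"response"`
}

type Response struct {
	Idempotent  bool   `json:"idempotent"`
	Items       []Item `json:"items"`
	SystemError string `json:"systemError,omitempty"`
}

type Item struct {
	Key   string      `json:"key"`
	Value interface{} `json:"value,omitempty"`
	Error string      `json:"error,omitempty"`
}

// MaxResponseBytes is a hypothetical cap; the real value is a policy decision.
const MaxResponseBytes = 4096

// valueSize returns the serialized size of one item value (0 if it cannot be encoded).
func valueSize(v interface{}) int {
	b, err := json.Marshal(v)
	if err != nil {
		return 0
	}
	return len(b)
}

// BoundedResponse serializes resp and, if the body exceeds limit, strips item
// values largest-first (keeping keys and recording a per-item error) until it
// fits. If even keys and errors do not fit, items are dropped and a
// systemError is set. Returns the body and the number of stripped values.
func BoundedResponse(resp ProviderResponse, limit int) ([]byte, int, error) {
	// Work on a copy so the caller's items are not mutated.
	items := make([]Item, len(resp.Response.Items))
	copy(items, resp.Response.Items)
	resp.Response.Items = items

	body, err := json.Marshal(resp)
	if err != nil {
		return nil, 0, err
	}
	stripped := 0
	for len(body) > limit {
		idx, size := -1, 0
		for i, it := range resp.Response.Items {
			if it.Value == nil {
				continue
			}
			if s := valueSize(it.Value); s > size {
				idx, size = i, s
			}
		}
		if idx < 0 {
			break // nothing left to strip
		}
		resp.Response.Items[idx].Value = nil
		resp.Response.Items[idx].Error = fmt.Sprintf(
			"verifier report (%d bytes) omitted: response exceeds %d-byte limit", size, limit)
		stripped++
		if body, err = json.Marshal(resp); err != nil {
			return nil, stripped, err
		}
	}
	if len(body) > limit {
		resp.Response.Items = nil
		resp.Response.SystemError = fmt.Sprintf("response exceeds %d-byte limit", limit)
		if body, err = json.Marshal(resp); err != nil {
			return nil, stripped, err
		}
	}
	return body, stripped, nil
}

// sampleResponse builds a constructed response with one small verifier result
// and one oversized report of reportBytes characters (stand-in for embedded
// vulnerability report contents).
func sampleResponse(reportBytes int) ProviderResponse {
	return ProviderResponse{
		APIVersion: "externaldata.gatekeeper.sh/v1beta1",
		Kind:       "ProviderResponse",
		Response: Response{
			Idempotent: true,
			Items: []Item{
				{Key: "registry.example.com/app:small", Value: "ok"},
				{Key: "registry.example.com/app:large", Value: strings.Repeat("x", reportBytes)},
			},
		},
	}
}

func main() {
	body, stripped, err := BoundedResponse(sampleResponse(10000), MaxResponseBytes)
	if err != nil {
		panic(err)
	}
	fmt.Printf("stripped %d value(s), sending %d bytes:\n%s\n", stripped, len(body), body)
}
```

In a provider handler this check sits between building the response and writing it to the `http.ResponseWriter`; the stripped count is worth emitting as a metric so operators notice verifiers that routinely blow the cap.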

susanshi commented 7 months ago

We should validate if this is a security issue first.