search

vipyrsec / dragonfly-mainframe

The mainframe for Dragonfly
https://docs.vipyrsec.com/dragonfly-mainframe/
MIT License
5 stars 2 forks source link

Place `POST /update-rules` behind authentication #135

Closed Robin5605 closed 4 months ago

Robin5605 commented 1 year ago

Currently, the POST /update-rules/ endpoint is not behind authentication, meaning anyone can update the rules if they have the endpoint URL. This is not desirable. Also, the appropriate workflows in the security-intelligence repo do perform authentication so this should be a relatively simple fix.

BruDriguezz commented 4 months ago

I'm interested on taking this issue if nobody wants to.

Robin5605 commented 4 months ago

Thanks for your interest, assigned!

BruDriguezz commented 4 months ago

Solved as per #206.