dontcallmedom
commented
10 years ago Done thanks to https://github.com/w3c/safe-url-input-checker
Closed dontcallmedom closed 10 years ago
dontcallmedom
commented
10 years ago Done thanks to https://github.com/w3c/safe-url-input-checker
We need to make sure that the checker can't be used to access URLs that are not available to the outside world (e.g. 127.0.0.1, and others).
The easiest is probably to transpose on the python library we use for this in other services: http://dev.w3.org/cvsweb/2004/PythonLib-IH/checkremote.py?rev=1.24;content-type=text%2Fplain