searxng

mirror of https://github.com/searxng/searxng.git synced 2024-09-27 05:50:11 +00:00

History

Alex Balgavy 6b59800dc6 Fix security vulnerabilities in suggested nginx configuration The suggested configurations for nginx found in the documentation and templates lead to vulnerabilities allowing host spoofing [1] and path traversal [2], as reported by Gixy [3]. This commit fixes those issues. [1] https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md [2] https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md [3] https://github.com/yandex/gixy		2021-03-03 12:34:22 +01:00
..
engines
api.rst
arch_public.dot
architecture.rst
buildhosts.rst	[mod] documentations & comments: update http://* URL to https://*.	2020-12-04 16:52:25 +01:00
engines.rst	[mod] documentation: change the jinja context doesn't depend on searx.webapp	2020-12-27 10:00:35 +01:00
filtron.rst	Fix security vulnerabilities in suggested nginx configuration	2021-03-03 12:34:22 +01:00
index.rst
installation-apache.rst	[doc] improve admin-docs about result proxy (morty) configuration	2021-01-27 09:58:06 +01:00
installation-docker.rst
installation-nginx.rst	Fix security vulnerabilities in suggested nginx configuration	2021-03-03 12:34:22 +01:00
installation-searx.rst	[mod] improve settings documentation	2021-01-11 22:12:38 +01:00
installation-uwsgi.rst
installation.rst	[mod] move brand options from Makefile to settings.yml	2021-01-11 22:12:38 +01:00
morty.rst	[doc] improve admin-docs about result proxy (morty) configuration	2021-01-27 09:58:06 +01:00
plugins.rst	[mod] documentation: change the jinja context doesn't depend on searx.webapp	2020-12-27 10:00:35 +01:00
settings.rst	[mod] improve settings documentation	2021-01-11 22:12:38 +01:00
update-searx.rst