mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-12-26 15:21:20 +00:00
Disable PDF export due to security issue
As a temporary fix, to keep you and your users save, this patch disables the PDF export feature. Details of the attack along with a fix for future versions of CodiMD will be released in future. I hope you can live with this solution for this release because I'm super short on time and the alternative would be to ship no fix at all. This appears to be the better solution for this release. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This commit is contained in:
parent
e574ae7588
commit
c178947402
1 changed files with 6 additions and 0 deletions
|
@ -189,6 +189,12 @@ switch (config.imageUploadType) {
|
|||
]
|
||||
}
|
||||
|
||||
// Disable PDF export due to security issue
|
||||
if (config.allowPDFExport) {
|
||||
config.allowPDFExport = false
|
||||
logger.warn('PDF export was disabled for this release to mitigate a critical security issue. This feature will hopefully become available again in future releases.')
|
||||
}
|
||||
|
||||
// generate correct path
|
||||
config.sslCAPath.forEach(function (capath, i, array) {
|
||||
array[i] = path.resolve(appRootPath, capath)
|
||||
|
|
Loading…
Reference in a new issue