0
Fork 0
mirror of https://github.com/willnorris/imageproxy.git synced 2024-12-16 21:56:43 -05:00

lint: explain hash alg exclusion better

This commit is contained in:
Will Norris 2022-01-22 10:29:05 -08:00
parent 13bafdbf9e
commit ef8aec77a9

View file

@ -15,10 +15,10 @@ issues:
exclude-rules:
# Some cache implementations use md5 hashes for cached filenames. There is
# a slight risk of cache poisoning if an attacker could construct a URL
# with the same hash, but it would also need to be allowed by the proxies
# security settings. Changing these to a more secure hash algorithm would
# result in 100% cache misses when users upgrade. For now, just leave these
# alone.
# with the same hash, but the URL would also need to be allowed by the
# proxy's security settings (host allowlist, URL signature, etc). Changing
# these to a more secure hash algorithm would result in 100% cache misses
# when users upgrade. For now, just leave these alone.
- path: internal/.*cache
linters: gosec
text: G(401|501)