mirror of
https://github.com/willnorris/imageproxy.git
synced 2024-12-16 21:56:43 -05:00
lint: explain hash alg exclusion better
This commit is contained in:
parent
13bafdbf9e
commit
ef8aec77a9
1 changed files with 5 additions and 5 deletions
|
@ -15,10 +15,10 @@ issues:
|
|||
exclude-rules:
|
||||
# Some cache implementations use md5 hashes for cached filenames. There is
|
||||
# a slight risk of cache poisoning if an attacker could construct a URL
|
||||
# with the same hash, but it would also need to be allowed by the proxies
|
||||
# security settings. Changing these to a more secure hash algorithm would
|
||||
# result in 100% cache misses when users upgrade. For now, just leave these
|
||||
# alone.
|
||||
# with the same hash, but the URL would also need to be allowed by the
|
||||
# proxy's security settings (host allowlist, URL signature, etc). Changing
|
||||
# these to a more secure hash algorithm would result in 100% cache misses
|
||||
# when users upgrade. For now, just leave these alone.
|
||||
- path: internal/.*cache
|
||||
linters: gosec
|
||||
text: G(401|501)
|
||||
|
|
Loading…
Reference in a new issue