paperless-ngx

amorfo77/paperless-ngx

Fork 0

mirror of https://github.com/paperless-ngx/paperless-ngx.git synced 2026-05-12 09:35:25 +00:00

Commit Graph

Author	SHA1	Message	Date
Trenton H	dda05a7c00	Security: Improve overall security in a few ways (#12501 ) - Make sure we're always using regex with timeouts for user controlled data - Adds rate limiting to the token endpoint (configurable) - Signs the classifier pickle file with the SECRET_KEY and refuse to load one which doesn't verify. - Require the user to set a secret key, instead of falling back to our old hard coded one	2026-04-02 15:30:26 -07:00
shamoon	9bdbfd362f	Merge commit from fork * Add safe regex matching with timeouts and validation * Remove redundant length check * Remove timeouterror workaround	2025-12-12 09:28:47 -08:00

Author

SHA1

Message

Date

Trenton H

dda05a7c00

Security: Improve overall security in a few ways (#12501 )

- Make sure we're always using regex with timeouts for user controlled data
- Adds rate limiting to the token endpoint (configurable)
- Signs the classifier pickle file with the SECRET_KEY and refuse to load one which doesn't verify.
- Require the user to set a secret key, instead of falling back to our old hard coded one

2026-04-02 15:30:26 -07:00

shamoon

9bdbfd362f

Merge commit from fork

* Add safe regex matching with timeouts and validation

* Remove redundant length check

* Remove timeouterror workaround

2025-12-12 09:28:47 -08:00

2 Commits