Skip to content
Snippets Groups Projects
Select Git revision
  • tedomum-prod default
1 result
Blame Permalink
  • Lukas Reschke's avatar
    f3e91068
    Don't trust update server · f3e91068
    Lukas Reschke authored 
    In case the update server may deliver malicious content this would allow an adversary to inject arbitrary HTML into the response. So very bad stuff.

While signing the response would be better and something we can also do in the future (considering the code signing work), this is already a good first start.
    f3e91068
    History
    Don't trust update server
    Lukas Reschke authored 
    In case the update server may deliver malicious content this would allow an adversary to inject arbitrary HTML into the response. So very bad stuff.

While signing the response would be better and something we can also do in the future (considering the code signing work), this is already a good first start.