noosfero | Noosfero API (#500)
Antonio Terceiro
gitlab at gitlab.com
Wed Mar 11 16:32:40 BRT 2015
New comment for Merge Request 500
https://gitlab.com/noosfero/noosfero/merge_requests/500#note_943577
Antonio Terceiro
yes it is a (security) problem. If any place that opens a file based on user user-supplied data without the proper sanitizing calls open() we might be slurping random data from the internet.
The geocoding itself *needs* to be done in the background, because calling external services during a request will for sure bring performance problems.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20150311/03eb97f2/attachment.html>
More information about the Noosfero-dev
mailing list