archive/phabricator
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
Files
eeb80ba96b59b3a00ebc0512a96a64ba6124ae3d
phabricator/scripts
History
epriestley 2d7abfd9fa Use HTTPS, not HTTP, in install scripts 
Summary:
Via HackerOne. A researcher correctly reports that our install scripts use `HTTP`, not `HTTPS`, to fetch resources and execute them as `root`, which is a potentially significant vulnerability.

Instead, use `HTTPS`.

Test Plan: Verified that these URIs function correctly over `HTTPS`.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16958
2016-11-29 12:11:04 -08:00
..
almanac
Use PhutilClassMapQuery instead of PhutilSymbolLoader
2015-08-14 07:49:01 +10:00
cache
Use PhutilClassMapQuery instead of PhutilSymbolLoader
2015-08-14 07:49:01 +10:00
celerity
Update Phabricator logo
2016-08-07 11:35:21 -07:00
daemon
Lift ticks declaration to top level in Phabricator daemons
2016-06-06 06:39:09 -07:00
diviner
Use PhutilClassMapQuery instead of PhutilSymbolLoader
2015-08-14 07:49:01 +10:00
drydock
Use PhutilClassMapQuery instead of PhutilSymbolLoader
2015-08-14 07:49:01 +10:00
fact
Use PhutilClassMapQuery instead of PhutilSymbolLoader
2015-08-14 07:49:01 +10:00
files
Use PhutilClassMapQuery instead of PhutilSymbolLoader
2015-08-14 07:49:01 +10:00
fpm
Delete license headers from files
2012-11-05 11:16:51 -08:00
init
Allow bin/aphlict to start without a valid database connection
2016-11-13 16:43:23 -08:00
install
Use HTTPS, not HTTP, in install scripts
2016-11-29 12:11:04 -08:00
lipsum
Improve bin/lipsum UX
2015-12-24 09:06:35 -08:00
mail
Use PhutilClassMapQuery instead of PhutilSymbolLoader
2015-08-14 07:49:01 +10:00
repository
Provide basic support for Subversion revprops
2016-06-24 13:43:32 -07:00
search
Use PhutilClassMapQuery instead of PhutilSymbolLoader
2015-08-14 07:49:01 +10:00
setup
Add a skeleton for Calendar notifications
2016-11-01 10:41:15 -07:00
sms
Use PhutilClassMapQuery instead of PhutilSymbolLoader
2015-08-14 07:49:01 +10:00
sql
Respect user/pass flags to bin/storage for direct DatabaseRef-based queries
2016-11-19 08:39:45 -08:00
ssh
Cache generation of the SSH authentication keyfile for sshd
2016-10-21 07:29:40 -07:00
symbols
Update import/clear symbols scripts for callsigns
2016-02-18 09:55:57 -08:00
user
Add "Mailing List" users
2015-06-03 18:42:33 -07:00
util
phtize all the things
2015-05-22 21:16:39 +10:00
__init_script__.php
Continue on bad database configuration from select scripts
2016-09-06 14:20:57 -07:00