HomeSolus

Update flask-cors to 3.0.9 and enable tests

Authored by Staudey on Sep 9 2020, 1:59 PM.

Description

Update flask-cors to 3.0.9 and enable tests

Summary:
Update flask-cors to 3.0.9 and enable tests

Change: Escape path before evaluating resource rules. Prior to this, flask-cors incorrectly
evaluated CORS resource matching before path expansion. E.g. "/api/../foo.txt" would incorrectly match resources for
"/api/*" whereas the path actually expands simply to "/foo.txt"

Test Plan: Build and run Anki with this new version

Reviewers: Triage Team, JoshStrobl

Reviewed By: Triage Team, JoshStrobl

Subscribers: JoshStrobl

Tags: #security

Differential Revision: https://dev.getsol.us/D9589

Details

Committed
JoshStroblSep 9 2020, 2:00 PM
Pushed
JoshStroblSep 9 2020, 2:00 PM
Reviewer
Triage Team
Differential Revision
D9589: Update flask-cors to 3.0.9 and enable tests
Parents
R5049:e2a97950157f: Initial inclusion of flask-cors
Branches
Unknown
Tags
Unknown
References
tag: flask-cors-3.0.9-2