Files
@ a0a9ae753cc4
Branch filter:
Location: kallithea/docs/usage/backup.rst - annotation
a0a9ae753cc4
512 B
text/prs.fallenstein.rst
login: simplify came_from validation
Even though only server-relative came_from URLs were ever generated,
the login controller allowed fully qualified URLs (URLs including
scheme and server). To avoid an open HTTP redirect (CWE-601), the code
included logic to prevent redirects to other servers. By requiring
server-relative URLs, this logic can simply be removed.
Note: SCRIPT_NAME is still not validated and it is thus possible to redirect
from one app to another on the same netloc.
Even though only server-relative came_from URLs were ever generated,
the login controller allowed fully qualified URLs (URLs including
scheme and server). To avoid an open HTTP redirect (CWE-601), the code
included logic to prevent redirects to other servers. By requiring
server-relative URLs, this logic can simply be removed.
Note: SCRIPT_NAME is still not validated and it is thus possible to redirect
from one app to another on the same netloc.
af371e206ec5 af371e206ec5 17c9393e9645 e73a69cb98dc af371e206ec5 af371e206ec5 af371e206ec5 af371e206ec5 af371e206ec5 af371e206ec5 e73a69cb98dc af371e206ec5 fbbe80e3322b af371e206ec5 af371e206ec5 af371e206ec5 4e6dfdb3fa01 4e6dfdb3fa01 af371e206ec5 af371e206ec5 af371e206ec5 af371e206ec5 af371e206ec5 e73a69cb98dc af371e206ec5 af371e206ec5 4e6dfdb3fa01 | .. _backup:
====================
Backing up Kallithea
====================
Settings
--------
Just copy your .ini file, it contains all Kallithea settings.
Whoosh index
------------
The Whoosh index is located in the ``data/index`` directory where you installed
Kallithea, i.e., the same place where the ini file is located
Database
--------
When using sqlite just copy kallithea.db.
Any other database engine requires a manual backup operation.
A database backup will contain all gathered statistics.
|