MicroFish/backend
ChinhLee e9cac5f8ee fix(security): flask debug mode enabled by default, exposed on 0.0.0.0
DEBUG defaults to True (FLASK_DEBUG env var is 'True' unless overridden) and the server binds to 0.0.0.0. When debug mode is active, Flask enables the Werkzeug interactive debugger, which allows arbitrary Python code execution via the browser-accessible debugger console if an exception is triggered. Combined with the public bind address this creates a remote code execution vector on any deployment that forgets to set FLASK_DEBUG=False.

Affected files: config.py

Signed-off-by: ChinhLee <76194645+chinhkrb113@users.noreply.github.com>
2026-04-02 21:20:56 +07:00
app fix(security): flask debug mode enabled by default, exposed on 0.0.0.0 2026-04-02 21:20:56 +07:00
scripts Add UTF-8 encoding support for Windows in simulation_runner.py and run_parallel_simulation.py to resolve character encoding issues with third-party libraries. 2025-12-26 18:14:57 +08:00
pyproject.toml fix(file_parser): handle non-UTF-8 encoded text files with automatic encoding detection 2026-01-22 18:28:37 +08:00
requirements.txt fix(file_parser): handle non-UTF-8 encoded text files with automatic encoding detection 2026-01-22 18:28:37 +08:00
run.py Add UTF-8 encoding support for Windows console in run.py and logger.py to prevent character encoding issues 2025-12-26 17:58:48 +08:00
uv.lock fix(file_parser): handle non-UTF-8 encoded text files with automatic encoding detection 2026-01-22 18:28:37 +08:00