You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
At present we call another w3act process in the same toolset (python-w3act) using the old popen call (subprocess didn't seem to work passing through wrapped arguments).
In theory this could raise injection issues, although presumably anybody doing that would already have access to the server, so it's probably not a problem.
Just flagging it to consider.
Example:
w3act get-csv -H server << this sort of thing is called using the method below.
At present we call another w3act process in the same toolset (python-w3act) using the old popen call (subprocess didn't seem to work passing through wrapped arguments).
In theory this could raise injection issues, although presumably anybody doing that would already have access to the server, so it's probably not a problem.
Just flagging it to consider.
Example:
w3act get-csv -H server << this sort of thing is called using the method below.
https://github.com/ukwa/python-w3act/blob/master/w3act/dbc/identify_target_qa_issues.py#L70
The text was updated successfully, but these errors were encountered: