Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Return HTTP 401 from /Upload if consent has not yet been granted using /Ask #6

Open
deanward81 opened this issue Jun 8, 2021 · 0 comments
Open

Return HTTP 401 from /Upload if consent has not yet been granted using /Ask #6

deanward81 opened this issue Jun 8, 2021 · 0 comments
Assignees
@deanward81
Labels
bug Something isn't working security Security issue task Outstanding task

Comments

@deanward81
Copy link
Owner

I can't imagine this is an issue with legitimate AirDrop clients (they appear to always call /Ask before /Upload) but a malicious client could send unsolicited files to a peer by calling /Upload directly - this should cause return an HTTP 401 to the sender if /Ask has not yet been called.
@deanward81 deanward81 added bug Something isn't working task Outstanding task security Security issue labels Jun 8, 2021
@deanward81 deanward81 self-assigned this Jun 8, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@deanward81 deanward81

Labels
bug Something isn't working security Security issue task Outstanding task
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@deanward81