Mercurial > p > roundup > code
view doc/postgresql.txt @ 5924:b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
if deployed as CGI and client sends an http PROXY
header, the tainted HTTP_PROXY environment variable is created. It
can affect calls using requests package or curl. A roundup admin
would have to write detectors/extensions that use these mechanisms.
Not exploitable in default config.
See: https://httpoxy.org/
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 13 Oct 2019 17:45:06 -0400 |
| parents | e48b039b0ec0 |
| children | c2fd254c9257 |
line wrap: on
line source
========================== PostgreSQL/psycopg Backend ========================== This are notes about PostqreSQL backend based on the psycopg adapter for Roundup issue tracker. Prerequisites ============= To use PostgreSQL as backend for storing roundup data, you should additionally install: 1. PostgreSQL 8.x or higher - https://www.postgresql.org/ 2. The psycopg python interface to PostgreSQL: http://initd.org/psycopg/ Running the PostgreSQL unit tests ================================= The user that you're running the tests as will need to be able to access the postgresql database on the local machine and create and drop databases. See the config values in 'test/db_test_base.py' about which database connection, name and user will be used. Credit ====== The postgresql backend was originally submitted by Federico Di Gregorio <fog@initd.org>