5f7942faca
The example/default bot policy document had a rule to allow RSS readers through based on paths that end with ".rss", ".xml", ".atom", or ".json". Frameworks like Rails will treat these specially, meaning that going to /things/12345-whateverhaha.json could bypass Anubis. I checked the history of this rule and it was present in the original example policy file in Xe/x. This rule is likely a mistake and it has been removed. I think it was for making my blog still work with RSS readers. Thanks to Graham Sutherland for reporting this over email. Signed-off-by: Xe Iaso <me@xeiaso.net>
1 line
7 B
Text
1 line
7 B
Text
1.14.2
|