Comments (8)
If you turn on the login, and leave the database empty, people will not be able to log in. Only logged in users can perform changes. I don't think this should be a problem.
Debug: False
SSL: True
LoginRequired: True
from cve-search.
This works but I would like to get rid of the non-used url paths (as a security measure) to avoid exposing code that we don't need for public services. I would like to remove the option box for the black/white-list parts.
Do you mind if I add an option for the web interface:
Minimal: True
and update the code to check the option and disable the unnecessary parts when minimal is active.
Cheers
from cve-search.
I do not mind, but I have a feeling that having checks all over the code might become messy. Maybe make a "minimal" branch of cve-search? Or how would you do it, within the code?
from cve-search.
Indeed, I just checked and that's a lot of test-case. Maybe I'll do a minimal index.py and move some of the functions in the library.
from cve-search.
Just a question, why did you remove the search option in the minimal version? Also, the logo doesn't quite fit in the menu. Do I fix this?
from cve-search.
I asked 3 users, they all tried to do cpe search in the form... So until we have a full-blown cpe search in the form, I preferred to remove it in the minimal version. Until now, they can use the browse functionality.
The logo should be a bit over to have the corner outside. So it's by design ;-)
If you see something else, let me know. (I sent you a private email with a test temporary url)
from cve-search.
Would you also make an "api only" script? or a way to disable the web pages in the minimal?
from cve-search.
This has been implemented in the minimal-web interface. I'll create another issue for the API only interface.
from cve-search.
Related Issues (20)
- Possible issue retrieving new CVE's HOT 3
- CPEData Cannot push into the db HOT 1
- Retrieve information for multiple CVEIDs in one API request HOT 2
- No such file or directory: '/opt/cve/cve-env/lib/python3.10/site-packages/CveXplore/common/.env_example' HOT 5
- KeyError: 'cpe_2_2' HOT 4
- Could not find a NIST API Key in the '~/.cvexplore/.env' file; you could request one at: https://nvd.nist.gov/developers/request-an-api-key HOT 10
- SSL certificate expired for cve-search.org domain HOT 2
- MongoDB connections not closed HOT 1
- Updater fails when db IP gets reconfigured HOT 2
- Error in web fresh installation Ubuntu 22.04 LTS HOT 2
- Error when I click on a CVE report in fresh installation Ubuntu 22.04 LTS HOT 2
- AttributeError when searching for a specific CVE in Ubuntu 23.10 HOT 5
- KeyError when searching in summary in Ubuntu 23.10 HOT 3
- TLS certificate expired HOT 2
- ModuleNotFoundError: No module named 'requirements' HOT 3
- Not Showing Proper Results HOT 3
- Improve MongoDB create/insert HOT 1
- No have CVE-2023-37582 data HOT 2
- CAPEC Content-Type has changed HOT 3
- Unhandled Content-Type ๏ผtext/xml from url HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cve-search.