Skip to content

Commit

Permalink
Disabled about page and web upload of plugins.
Browse files Browse the repository at this point in the history 
The about page was not linked from any page, and would expose sensitive
environment variable to admins.

Web upload of plugins was not used and is undesirable for us.
  • Loading branch information
@bmispelon @felixxm
bmispelon authored and felixxm committed Feb 16, 2024
1 parent d9356b4 commit 31b818a
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions trac-env/conf/trac.ini
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ wiki_format_messages = enabled

[components]
navhider.filter.* = enabled
trac.about.* = disabled
trac.admin.web_ui.PluginAdminPanel = disabled
trac.ticket.query.* = enabled
trac.ticket.query.querymodule = enabled
trac.ticket.query.ticketquerymacro = enabled
Expand Down

0 comments on commit 31b818a

Please sign in to comment.