Subsonic icon indicating copy to clipboard operation
Subsonic copied to clipboard

Published 20 hours ago verified publisher icon daneren2005

Fix insecure connections

Open flyingOwl opened this issue 1 year ago • 0 comments

Every server configuration has its own setting that enables the use of insecure connections. This is disabled by default. Only verified https connections are allowed. Error messages with a note about the setting have been added.

CVE-2018-1000664

Discussed in #60

The second commit replaces the http-only subsonic.org demo server with the Navidrome demo server.

flyingOwl avatar Jan 28 '24 14:01 flyingOwl