khoj icon indicating copy to clipboard operation
khoj copied to clipboard

Published 20 hours ago verified publisher icon khoj-ai

Web UI is not protected with authentication

Open link2xt opened this issue 11 months ago • 3 comments

Jupyter notebook generates a token and uses it to authenticate browser session, so only the user who started the web server process can use the web UI.

With khoj everyone on the same machine with access to http://127.0.0.1:42110/ can change settings to point to index any files (e.g. the whole home directory) and then search it.

link2xt avatar Jul 31 '23 00:07 link2xt