python/httpie-cli
1
0
Fork 0
mirror of https://github.com/httpie/cli.git synced 2025-08-10 22:42:05 +02:00
Code Activity

Tweak SECURITY and add a Security policy section to docs

Browse Source
This commit is contained in:
Jakub Roztocil
2022-03-07 20:55:51 +01:00
committed by Batuhan Taskaya
parent 614866eeb2
commit 0a873172c9
2 changed files with 17 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
SECURITY.md
View File

@@ -1,10 +1,14 @@
# Security Policy # Security policy
## Reporting a Vulnerability ## Reporting a vulnerability
To report a vulnerability, please send an email to `security@httpie.io` describing the: When you identify a vulnerability in HTTPie, please report it privately using one of the following channels:
- The description of the vulnerability itself - Email to [`security@httpie.io`](mailto:security@httpie.io)
- A short reproducer to verify it (you can submit a small HTTP server, a shell script, a docker image etc.) - Report on [huntr.dev](https://huntr.dev/)
- The severity level classification (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`)
- If associated with any, the [CWE](https://cwe.mitre.org/) ID. In addition to the description of the vulnerability, please include also:
- A short reproducer to verify it (it can be a small HTTP server, shell script, docker image, etc.)
- Your deemed severity level of the vulnerability (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`)
- [CWE](https://cwe.mitre.org/) ID, if available.

8
docs/README.md
View File

@@ -2252,7 +2252,7 @@ $ http --session=./session.json pie.dev/headers Cookie:foo=bar
```bash ```bash
$ httpie cli sessions upgrade pie.dev api_auth $ httpie cli sessions upgrade pie.dev api_auth
Upgraded 'api_auth' @ 'pie.dev' to v3.1.0 Upgraded 'api_auth' @ 'pie.dev' to v3.1.0
``` ```
Upgrade a single [anonymous session](#anonymous-sessions) using a file path: Upgrade a single [anonymous session](#anonymous-sessions) using a file path:
@@ -2293,7 +2293,7 @@ Upgraded 'session.json' @ 'pie.dev' to v3.1.0
### Configurable options ### Configurable options
Currently, HTTPie offers a single configurable option: Currently, HTTPie offers a single configurable option:
#### `default_options` #### `default_options`
An `Array` (by default empty) of default options that should be applied to every invocation of HTTPie. An `Array` (by default empty) of default options that should be applied to every invocation of HTTPie.
@@ -2532,6 +2532,10 @@ Helpers to convert from other client tools:
See [CONTRIBUTING](https://github.com/httpie/httpie/blob/master/CONTRIBUTING.md). See [CONTRIBUTING](https://github.com/httpie/httpie/blob/master/CONTRIBUTING.md).
### Security policy
See [github.com/httpie/httpie/security/policy](https://github.com/httpie/httpie/security/policy).
### Change log ### Change log
See [CHANGELOG](https://github.com/httpie/httpie/blob/master/CHANGELOG.md). See [CHANGELOG](https://github.com/httpie/httpie/blob/master/CHANGELOG.md).