Paul Fitzpatrick 6e15d44cf6 (core) start applying defenses for untrusted document uploads ... Summary: This applies some mitigations suggested by SQLite authors when opening untrusted SQLite databases, as we do when Grist docs are uploaded by the user. See: https://www.sqlite.org/security.html#untrusted_sqlite_database_files Steps implemented in this diff are: * Setting `trusted_schema` to off * Running a SQLite-level integrity check on uploads Other steps will require updates to our node-sqlite3 fork, since they are not available via the node-sqlite3 api (one more reason to migrate to better-sqlite3). I haven't yet managed to create a file that triggers an integrity check failure without also being detected as corruption by sqlite at a more basic level, so that is a TODO for testing. Test Plan: existing tests pass; need to come up with exploits to actually test the defences and have not yet Reviewers: dsagal Reviewed By: dsagal Differential Revision: https://phab.getgrist.com/D2909		2021-07-14 18:34:27 -04:00
..
lib	(core) start applying defenses for untrusted document uploads	2021-07-14 18:34:27 -04:00
declarations.d.ts	(core) start applying defenses for untrusted document uploads	2021-07-14 18:34:27 -04:00
devServerMain.ts	(core) Refactoring google drive plugin	2021-07-14 09:52:04 +02:00
mergedServerMain.ts	(core) Refactoring google drive plugin	2021-07-14 09:52:04 +02:00
serverMethods.ts	(core) Use individual choices for filtering choice lists	2021-06-11 09:34:06 -07:00
tsconfig.json	(core) move home server into core	2020-07-21 20:39:10 -04:00