diff options
2 files changed, 10 insertions, 12 deletions
diff --git a/README b/README
index 948161c..dc3c53d 100644
--- a/README
+++ b/README
@@ -5,7 +5,7 @@ compared to invoking python on every request.
-- Python 3.5.3 (for aiohttp and asyncio.get_running_loop)
+- Python 3.5.3+ (for aiohttp and asyncio.get_running_loop)
- aiohttp
- pygments
@@ -16,3 +16,12 @@ Usage:
boot. This can be done by `systemctl enable syntax-highlighting` on systemd
3. Set your cgit source filter to
+aiohttp is not designed with security in mind. Slow clients can easily cause
+excessive memory usage by sending very large highlighting requests, or by
+opening a large number of connections and abandoning them. Therefore,
+cgit-syntax-highlighting SHOULD NOT be exposed to the public Internet.
+Suggestions are accepted for more lightweight asynchronous Python HTTP server
diff --git a/ b/
index a1e30d6..481c4c0 100755
--- a/
+++ b/
@@ -1,16 +1,5 @@
#!/usr/bin/env python3
-# create a simple HTTP server to highlight
-# source for cgit. improves performance compared to invoking python on every
-# request.
-# Requirements: Python 3, pygments.
-# Usage: Configure your system to run this at boot. Note that this program is
-# not hardened, and it can be trivially DoSed. therefore, do not configure it
-# to listen on a public network. Once configured, set your cgit source filter
-# to
import pygments
from pygments import highlight
from pygments.formatters import HtmlFormatter