diff options
Diffstat (limited to 'README')
| -rw-r--r-- | README | 11 |
1 files changed, 10 insertions, 1 deletions
@@ -5,7 +5,7 @@ compared to invoking python on every request. Requirements: -- Python 3.5.3 (for aiohttp and asyncio.get_running_loop) +- Python 3.5.3+ (for aiohttp and asyncio.get_running_loop) - aiohttp - pygments @@ -16,3 +16,12 @@ Usage: boot. This can be done by `systemctl enable syntax-highlighting` on systemd machines. 3. Set your cgit source filter to syntax-highlighting-client.sh. + +Security: + +aiohttp is not designed with security in mind. Slow clients can easily cause +excessive memory usage by sending very large highlighting requests, or by +opening a large number of connections and abandoning them. Therefore, +cgit-syntax-highlighting SHOULD NOT be exposed to the public Internet. +Suggestions are accepted for more lightweight asynchronous Python HTTP server +libraries. |