From 719e021f84232f64fd05619b427db2bfaa747174 Mon Sep 17 00:00:00 2001 From: Nick Sweeting Date: Fri, 3 May 2024 19:14:47 -0700 Subject: [PATCH] Updated Security Overview (markdown) --- Security-Overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Security-Overview.md b/Security-Overview.md index 1824e40..9ad1c79 100644 --- a/Security-Overview.md +++ b/Security-Overview.md @@ -67,7 +67,7 @@ Make sure you thoroughly understand the dangers of [hosting untrusted HTML/JS/CS (This is why we don't support serving ArchiveBox from a subdirectory like `myapps.example.com/archivebox/`, it's too dangerous to share domains) -The industry standard approach is to use a separate domain for untrusted content, for example Github uses `githubusercontent.com` and Google uses `googleusercontent.com` for all user-uploaded files. If hosting ArchiveBox publicly, do the same and keep it on an isolated domain in order to mitigate potential damage of leaked cookies, CORS, and CSRF attack. +The industry standard approach is to use a separate domain for untrusted content, for example Github uses `githubusercontent.com` and Google uses `googleusercontent.com` for all user-uploaded files. If hosting ArchiveBox publicly, do the same and keep it on an isolated domain in order to mitigate potential damage of leaked cookies, CORS, and CSRF attacks. To protect the Admin dashboard, it's also recommended to serve all content under `/archive/` on a separate domain from `/admin/`. We do this on our servers using a simple redirect rule in nginx/cloudflare like so: