Corrections following the security audit
Description
- Closes #110 : protect script execution
- Closes #112 : refactor cors usage
Changelog
- Fix manage_db tool
- Align scaleway configuration files example
- Protect script execution #110
- Bind docker port to localhost only (via docker_run script)
- Rework CORS (restrict backend access to host and remove useless CORS headers in frontend)
How to test
- unit testing
- create a visio (verify that the scripts are correctly executed)
- add in /etc/hosts the line: toto.inria.fr and test all apis (via swagger and frontend appli)
Edited by HUYNH Kim-Tam