You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
-When uploading a file using picker, api key, policy & signature will be leaked if you inspect in network, payload ( endpoint leaks are : start, upload, complete). This is real concern if a penetrator can catch this info, they can use the account's api key. The screenshot I provided is the example in the main page Filestack.com
-This behavior might occur when using picker.open().
##posible solution / ideas
Maybe add a encoding method for those important keys when creating request ?
##Reproduce the problem
Go to filestack.com , open inspect browser/network. Meanwhile try to upload a file from the modal, after uploading, you'll see some endpoints that I mentioned that leak the infos.
Additional Screenshots
Your Environment
Version used: Filestack 3.25,
Browser Name and version: Google Chrome
Operating System and version (desktop or mobile): MacBook
Link to your project: filestack.com
The text was updated successfully, but these errors were encountered:
-When uploading a file using picker, api key, policy & signature will be leaked if you inspect in network, payload ( endpoint leaks are : start, upload, complete). This is real concern if a penetrator can catch this info, they can use the account's api key. The screenshot I provided is the example in the main page Filestack.com
-This behavior might occur when using picker.open().
##posible solution / ideas
##Reproduce the problem
Additional Screenshots
Your Environment
The text was updated successfully, but these errors were encountered: