You are viewing a single comment's thread from:
RE: [steemhunt.com] .DS_Store file is publicly available to anyone.
Hey,
I see in you github report, you have mentioned browser and OS as any. Its not where the issue is happening, its what you used to test your bug.
Also when you say, you can download all the files, you can download those anyways, this is a opensource project, you can look at the code and make whatever change you want. Question is can you deploy it to thr server without their permission?
Thanks for the suggestion, I pointed out here that though the code does'nt have any crtical files right now. But in Future may be some API-Keys might be used, for ex: AWS etc that with this public one can download the config files easily and may use it maliciously.
I will fix my Github issue regarding OS and Browser. Feel free to ask any question you may have
Thanks.