[Security] Sensitive user information displayed in API response requests

The following values should be hidden or encrypted in the API requests, as they pose a security risk to users' data:

  • User ID is displayed in the body of the network requests when opening - this can be used for penetration of the backend or for SQL injections to affect users' data.

  • API body data on login with in-world code/the verified of the code and session tokens are visible in the responses - this information can be intercepted if the user is not using a secure connection and used to hack their accounts.

Status: Closed
Board: Bug Reports
Date: Almost 2 years ago
Author: Aiyumei Resident
