-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
INTERNALS/MAIN.GO: line 107: is writing the path in the proxy URL like this a privacy breech? #65
INTERNALS/MAIN.GO: line 107: is writing the path in the proxy URL like this a privacy breech? #65
Comments
Currently this is now:
in The path needs to be encrypted. |
Note, Marc has requested to have access to params. |
Nice work. Done & done. |
July 8 - 15
|
July 16 - 22
|
July 29
|
Aug 5, 2024Can we make the "/media" call on Line 644 in 'interceptro.go' dynamic? |
Description
Line 107 of the interceptor: is writing the path in the proxy URL like this a privacy breech?
r, err := http.NewRequest("POST", c.proxyURL+parsedURL.Path, bytes.NewBuffer(data))
This parsedURL.Path should really only be accessible to the S.P.
This information is carried to line 160 of server/tunnel.go
Requirements:
Tasks
Acceptance Criteria
When a frontend user creates a
get
,post
, or other request type, this information should be fully hidden from the proxy and transmitted as part of the encrypted body only. The Service Provider should be able to access this information within the node.js backend by invoking the properties:Reference:
https://expressjs.com/en/api.html#req.path
https://expressjs.com/en/api.html#req.path
The text was updated successfully, but these errors were encountered: