Closed dr3394 closed 1 week ago
Thank you @dr3394 for identifying this critical security vulnerability. You're absolutely correct that exposing user tokens through the `handle_get_user` endpoint is a serious security risk. We've addressed this issue with the following changes:

- Updated the `handle_get_user` function to return only non-sensitive user data.

Here's the updated `handle_get_user` function:
```python
import json
from flask import Flask, Response

app = Flask(__name__)
users = {}  # user_id -> record (including the token); populated elsewhere in the app

@app.route("/users", methods=["GET"])
def handle_get_user():
    # Create a new dictionary with only non-sensitive user data
    safe_user_data = {user_id: {"id": user_id} for user_id in users.keys()}
    return Response(json.dumps(safe_user_data), status=200, mimetype="application/json")
```
The `handle_get_user` endpoint returns a list of users with their corresponding tokens. This exposes sensitive information (tokens) to anyone who accesses the endpoint.

Limit the data returned by this endpoint. Do not expose tokens or other sensitive information. Only return user IDs or non-sensitive data.