interrrp
commented
1 year ago Images are being fetched on the client, so it's vulnerable to IP grabbers and such
Open interrrp opened 1 year ago
interrrp
commented
1 year ago Images are being fetched on the client, so it's vulnerable to IP grabbers and such
SX-9
commented
1 year ago good point, but how is it vulnerable to ip grabbers?
SX-9
commented
1 year ago also im hosting this project on firebase free plan so i cant just check for ip grabbers on the backend
interrrp
commented
1 year ago good point, but how is it vulnerable to ip grabbers?
The client is the one making the request to the image, so if an IP grabber is placed, they'll get the client's IP
I think it'd be nice to have some security in the image feature; currently, the app doesn't check if the given "image URL" contains an image. I propose something like fetching the URL in the backend and analyzing it there.