Is disclosing of BOOMR API considered to have security issue?

akamai / boomerang

End user oriented web performance testing and beaconing

http://akamai.github.io/boomerang/

Other

1.86k stars 292 forks source link

Is disclosing of BOOMR API considered to have security issue? #316

Closed prdp1137 closed 3 years ago

bluesmoon commented 3 years ago

API == Application Programming Interface. By definition it has to be public so that developers can write code against it. This is why it is fully documented. I'm not sure I understand your question.

prdp1137 commented 3 years ago

I mean BOOMR api key being disclosed in website while viewing source.

bluesmoon commented 3 years ago

Nope, that's exactly where it should be. It's an API key, not a secret key. In this case the term API key is synonymous with APP id as in dictionary lookup key and not something to open a lock.