-When uploading a file using picker, api key, policy & signature will be leaked if you inspect in network, payload ( endpoint leaks are : start, upload, complete). This is real concern if a penetrator can catch this info, they can use the account's api key. The screenshot I provided is the example in the main page Filestack.com
-This behavior might occur when using picker.open().
posible solution / ideas
Maybe add a encoding method for those important keys when creating request ?
Reproduce the problem
Go to filestack.com , open inspect browser/network. Meanwhile try to upload a file from the modal, after uploading, you'll see some endpoints that I mentioned that leak the infos.
Additional Screenshots
Your Environment
Version used: Filestack 3.25,
Browser Name and version: Google Chrome
Operating System and version (desktop or mobile): MacBook
-When uploading a file using picker, api key, policy & signature will be leaked if you inspect in network, payload ( endpoint leaks are : start, upload, complete). This is real concern if a penetrator can catch this info, they can use the account's api key. The screenshot I provided is the example in the main page Filestack.com
-This behavior might occur when using picker.open().
posible solution / ideas
Reproduce the problem
Additional Screenshots
Your Environment