Closed bridgedragon closed 2 years ago
When you call a method on the api, the method call itself is returned in the response. That's incorrect from the security point of view.
For example: Request: http://xxx.xxx.xxx.xxx/btc/mainnet/abcdtest
http://xxx.xxx.xxx.xxx/btc/mainnet/abcdtest
Response:
{ "message": "Calling unknown method indexing<test> for wrapper API btc", "code": 400 }
Response should not contain 'abcdtest' in it.
Issue
When you call a method on the api, the method call itself is returned in the response. That's incorrect from the security point of view.
For example: Request:
http://xxx.xxx.xxx.xxx/btc/mainnet/abcdtest
Response:
Response should not contain 'abcdtest' in it.