128
Introducing https://feddit.online , a new KBIN server
(feddit.online)
Magazine dedicated to discussions about the kbin itself. Provide feedback, ask questions, suggest improvements, and engage in conversations related to the platform organization, policies, features, and community dynamics. ---- * Roadmap 2023 * m/kbinDevlog * m/kbinDesign
Congratulations!
Side note, did you want the symfony explorer to show up for people? https://feddit.online/_profiler/a687ea?panel=db
Yeah the Symfony Toolbar shows up at the bottom of the homepage for me. I've never used Symfony before, but it looks like a developer tool, not something you want running in your production environment. ;) @Jerry
Yep, i saw secret keys, passwords, usernames and more just glancing at the Toolbar, he should change it ASAP
it is still like that. After 2 days. I actually believe that such low effort "contributions" to the fediverse are causing more harm than good.
I was looking through that and was thinking it was just reporting on the server configuration, but nope, all .env values are right there and nicely formatted. Yeesh.
Wow. Nice!. Is there an option to make it available, or would I just link to it in the "about" page?
hm, it actually shouldn't be public at all
Yes I remember having a look at that the other day and browsing through all the POST requests that server received from other servers.... And thinking I'm not sure this is supposed to be publicly available...
you can actually see even the username/passwords when one user logins
@Jerry
I think it should only be enabled in the dev environment for debugging. You might need to change the
APP_ENV
and/orAPP_DEBUG
environment variables.Might want to change the settings so this isnt public. I can see the actual info of these settings, and so can anyone else.
$_ENV[POSTGRES_USER]
$_ENV[POSTGRES_PASSWORD]