The WebUI leaks the RestAPI and Websocket tokens in the javascript source code! These should not be reflected back to the user as that can lead to unintended requests through for example XSS.
API Bearer Token
Websocket Token
The text was updated successfully, but these errors were encountered:
The WebUI leaks the RestAPI and Websocket tokens in the javascript source code! These should not be reflected back to the user as that can lead to unintended requests through for example XSS.
API Bearer Token
Websocket Token
The text was updated successfully, but these errors were encountered: