Security Concern #1

rohan-kulkarni-25 · 2022-07-16T09:36:36Z

In script.js client id is visible which is auth token for accessing the API that should not be leaked. Please remove the client id from file.
You can add that in env and use it from there !!!

Thanks

Line 1 in b353fb4

let client_id ="9dXTXufmPAO5E6Ydr7ebx6K_3a-kt3MbuM1i-gXVA-M";

misbaa · 2022-07-16T11:32:25Z

Thanks for telling I actually wanted to submit an assignment via github i'll remove it

On Sat, 16 Jul, 2022, 3:06 pm Rohan Kulkarni, ***@***.***> wrote: - In script.js client id is visible which is auth token for accessing the API that should not be leaked. Please remove the client id from file. - You can add that in env and use it from there !!! Thanks https://github.com/misbaa/Unsplash-API/blob/b353fb4effefb90fddc3627f7b4bea87ac1983e4/Unsplash-API/script.js#L1 — Reply to this email directly, view it on GitHub <#1>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AQJT4KROVZCKSQRCRLQOWMTVUJ7C5ANCNFSM53XZ6WDA> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

rohan-kulkarni-25 · 2022-07-16T11:33:21Z

Great !! 👍

On Sat, Jul 16, 2022, 5:02 PM misbaa ***@***.***> wrote: Thanks for telling I actually wanted to submit an assignment via github i'll remove it On Sat, 16 Jul, 2022, 3:06 pm Rohan Kulkarni, ***@***.***> wrote: > > - In script.js client id is visible which is auth token for accessing > the API that should not be leaked. Please remove the client id from file. > - You can add that in env and use it from there !!! > > Thanks > > > https://github.com/misbaa/Unsplash-API/blob/b353fb4effefb90fddc3627f7b4bea87ac1983e4/Unsplash-API/script.js#L1 > > — > Reply to this email directly, view it on GitHub > <#1>, or unsubscribe > < https://github.com/notifications/unsubscribe-auth/AQJT4KROVZCKSQRCRLQOWMTVUJ7C5ANCNFSM53XZ6WDA > > . > You are receiving this because you are subscribed to this thread.Message > ID: ***@***.***> > — Reply to this email directly, view it on GitHub <#1 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ASIJKM7Q6K4TL6PJPTWXSU3VUKMVJANCNFSM53XZ6WDA> . You are receiving this because you authored the thread.Message ID: ***@***.***>

Provide feedback