/api.php?recentBlocked Not Working #3980
Labels
Issue: Won't Fix
Intended behavior, will not be fixed
Comments
|
has anyone looked into this yet? |
|
This is intended behavior. You'll need to be logged in or pass the auth token to access that information now. |
|
thank you, thats my bad for not reading the pull requests. |
|
It shouldn't have been exposed without password before so this was fixing incorrect behavior now. Assuming someone continuously scanning the API endpoint. They could reconstruct your entire list of blocked domains. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Versions
Platform
Expected behavior
/api.php?recentBlocked should return last blocked domain
A clear and concise description of what you expected to happen.
Actual behavior / bug
/api.php?recentBlocked returns []
A clear and concise description of what the bug is.
Steps to reproduce
http://ip/admin/api.php?recentBlocked
Steps to reproduce the behavior:
Debug Token
Screenshots
If applicable, add screenshots to help explain your problem.
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: