Skip to content

Risk of (accidental) data leakage #272

Description

@JaneX8

I described my security issues with the upload functionality here: https://github.com/orgs/asciinema/discussions/21#discussioncomment-16058041.

I am not sure if PowerSession.exe currently honors these variables, I suggest implementing them for functionality reasons:

export ASCIINEMA_SERVER_URL=http://asciinema.invalid # CLI 3.x
export ASCIINEMA_API_URL=http://asciinema.invalid # CLI 2.x

However I suggest to at least (for now) deviate from the original project by disabling upload before auth was ever used, as I described here: https://github.com/orgs/asciinema/discussions/21#discussioncomment-16058138.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions