thomiceli
Anonymous user can easily find unlisted gist by simply using search box
Anonymous user can easily find unlisted git just by trying some keywords in the search box. In my opinion, he shouldn't have access to these git without being logged or knowing the exact URL. Or is it a normal way of working ? Thanks for this great tool.
Can't replicate, take this gist: https://demo.opengist.io/thomas/5a5c022d27a4486f965efa03239fc610
It doesn't appear (if you're not logged as thomas) in the search results:
https://demo.opengist.io/search?q=package+web
https://demo.opengist.io/search?q=user%3Athomas
https://demo.opengist.io/search?q=title%3Asession
etc.
I can replicate…
https://demo.opengist.io/search?q= (going in search box, and hit ‘enter’
De : Thomas Miceli @.> Envoyé : mardi 3 septembre 2024 17:26 À : thomiceli/opengist @.> Cc : Nicolas Pirmez @.>; Author @.> Objet : Re: [thomiceli/opengist] Anonymous user can easily find unlisted gist by simply using search box (Issue #309)
Can't replicate, take this gist: https://demo.opengist.io/thomas/5a5c022d27a4486f965efa03239fc610
It doesn't appear (if you're not logged as thomas) in the search results: https://demo.opengist.io/search?q=package+web https://demo.opengist.io/search?q=user%3Athomas https://demo.opengist.io/search?q=title%3Asession etc.
— Reply to this email directly, view it on GitHubhttps://github.com/thomiceli/opengist/issues/309#issuecomment-2326813370, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BGSCUY225CALGALKRDJ4VVTZUXIKJAVCNFSM6AAAAABL66M7HSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGMRWHAYTGMZXGA. You are receiving this because you authored the thread.Message ID: @.@.>>