René's URL Explorer Experiment

Title: Finders should return nil instead of raising security violations · Issue #117 · hyperstack-org/hyperstack · GitHub

Open Graph Title: Finders should return nil instead of raising security violations · Issue #117 · hyperstack-org/hyperstack

X Title: Finders should return nil instead of raising security violations · Issue #117 · hyperstack-org/hyperstack

Description: For example consider: Customers.find_by_handle('catmando') if 'catmando' exists but the client does not have permission to view the data it will throw an error. if 'catmando' does not exist it will just return nil. so a hacker could use ...

Open Graph Description: For example consider: Customers.find_by_handle('catmando') if 'catmando' exists but the client does not have permission to view the data it will throw an error. if 'catmando' does not exist it will...

X Description: For example consider: Customers.find_by_handle('catmando') if 'catmando' exists but the client does not have permission to view the data it will throw an error. if 'catmando'...

Opengraph URL: https://github.com/hyperstack-org/hyperstack/issues/117

X: @github

direct link

Domain: github.com

Hey, it has json ld scripts:

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Finders should return nil instead of raising security violations","articleBody":"For example consider:\r\n\r\n`Customers.find_by_handle('catmando')`\r\n\r\nif 'catmando' exists but the client does not have permission to view the data it will throw an error.\r\n\r\nif 'catmando' does not exist it will just return nil.\r\n\r\nso a hacker could use this to easily check if specific data exists or not.\r\n\r\nSolution is just to return nil always unless the client has permission to view at least one attribute in the record.","author":{"url":"https://github.com/catmando","@type":"Person","name":"catmando"},"datePublished":"2019-01-28T16:49:29.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":0},"url":"https://github.com/117/hyperstack/issues/117"}

route-pattern	/_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format)
route-controller	voltron_issues_fragments
route-action	issue_layout
fetch-nonce	v2:bb92e008-6af0-9a4a-d10f-910ec1e8977d
current-catalog-service-hash	81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114
request-id	8E4C:7FA75:F0AE96:13849F8:69920A5E
html-safe-nonce	17e0957574454588f01b6fe0f637c630f8109d258280be90eec4641f2cc4fe9f
visitor-payload	eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiI4RTRDOjdGQTc1OkYwQUU5NjoxMzg0OUY4OjY5OTIwQTVFIiwidmlzaXRvcl9pZCI6IjQ5NTM4NjM3MTEwMjg4MDgyODYiLCJyZWdpb25fZWRnZSI6ImlhZCIsInJlZ2lvbl9yZW5kZXIiOiJpYWQifQ==
visitor-hmac	c1513bc9ed584941392087de8be6dcb1882ff9de8d33e93a50090ce098299048
hovercard-subject-tag	issue:403907671
github-keyboard-shortcuts	repository,issues,copilot
google-site-verification	Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-url	https://collector.github.com/github/collect
analytics-location	///voltron/issues_fragments/issue_layout
fb:app_id	1401488693436528
apple-itunes-app	app-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/hyperstack-org/hyperstack/117/issue_layout
twitter:image	https://opengraph.githubassets.com/7859178208736e8bd5fb3d88960def39a9aa334033f72c220729425fdb902b5a/hyperstack-org/hyperstack/issues/117
twitter:card	summary_large_image
og:image	https://opengraph.githubassets.com/7859178208736e8bd5fb3d88960def39a9aa334033f72c220729425fdb902b5a/hyperstack-org/hyperstack/issues/117
og:image:alt	For example consider: Customers.find_by_handle('catmando') if 'catmando' exists but the client does not have permission to view the data it will throw an error. if 'catmando' does not exist it will...
og:image:width	1200
og:image:height	600
og:site_name	GitHub
og:type	object
og:author:username	catmando
hostname	github.com
expected-hostname	github.com
None	42c603b9d642c4a9065a51770f75e5e27132fef0e858607f5c9cb7e422831a7b
turbo-cache-control	no-preview
go-import	github.com/hyperstack-org/hyperstack git https://github.com/hyperstack-org/hyperstack.git
octolytics-dimension-user_id	34562730
octolytics-dimension-user_login	hyperstack-org
octolytics-dimension-repository_id	145879576
octolytics-dimension-repository_nwo	hyperstack-org/hyperstack
octolytics-dimension-repository_public	true
octolytics-dimension-repository_is_fork	false
octolytics-dimension-repository_network_root_id	145879576
octolytics-dimension-repository_network_root_nwo	hyperstack-org/hyperstack
turbo-body-classes	logged-out env-production page-responsive
disable-turbo	false
browser-stats-url	https://api.github.com/_private/browser/stats
browser-errors-url	https://api.github.com/_private/browser/errors
release	848bc6032dcc93a9a7301dcc3f379a72ba13b96e
ui-target	full
theme-color	#1e2327
color-scheme	light dark

Links:

Skip to content	https://github.com/hyperstack-org/hyperstack/issues/117#start-of-content
	https://github.com/
Sign in	https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fhyperstack-org%2Fhyperstack%2Fissues%2F117
GitHub CopilotWrite better code with AI	https://github.com/features/copilot
GitHub SparkBuild and deploy intelligent apps	https://github.com/features/spark
GitHub ModelsManage and compare prompts	https://github.com/features/models
MCP RegistryNewIntegrate external tools	https://github.com/mcp
ActionsAutomate any workflow	https://github.com/features/actions
CodespacesInstant dev environments	https://github.com/features/codespaces
IssuesPlan and track work	https://github.com/features/issues
Code ReviewManage code changes	https://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilities	https://github.com/security/advanced-security
Code securitySecure your code as you build	https://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they start	https://github.com/security/advanced-security/secret-protection
Why GitHub	https://github.com/why-github
Documentation	https://docs.github.com
Blog	https://github.blog
Changelog	https://github.blog/changelog
Marketplace	https://github.com/marketplace
View all features	https://github.com/features
Enterprises	https://github.com/enterprise
Small and medium teams	https://github.com/team
Startups	https://github.com/enterprise/startups
Nonprofits	https://github.com/solutions/industry/nonprofits
App Modernization	https://github.com/solutions/use-case/app-modernization
DevSecOps	https://github.com/solutions/use-case/devsecops
DevOps	https://github.com/solutions/use-case/devops
CI/CD	https://github.com/solutions/use-case/ci-cd
View all use cases	https://github.com/solutions/use-case
Healthcare	https://github.com/solutions/industry/healthcare
Financial services	https://github.com/solutions/industry/financial-services
Manufacturing	https://github.com/solutions/industry/manufacturing
Government	https://github.com/solutions/industry/government
View all industries	https://github.com/solutions/industry
View all solutions	https://github.com/solutions
AI	https://github.com/resources/articles?topic=ai
Software Development	https://github.com/resources/articles?topic=software-development
DevOps	https://github.com/resources/articles?topic=devops
Security	https://github.com/resources/articles?topic=security
View all topics	https://github.com/resources/articles
Customer stories	https://github.com/customer-stories
Events & webinars	https://github.com/resources/events
Ebooks & reports	https://github.com/resources/whitepapers
Business insights	https://github.com/solutions/executive-insights
GitHub Skills	https://skills.github.com
Documentation	https://docs.github.com
Customer support	https://support.github.com
Community forum	https://github.com/orgs/community/discussions
Trust center	https://github.com/trust-center
Partners	https://github.com/partners
GitHub SponsorsFund open source developers	https://github.com/sponsors
Security Lab	https://securitylab.github.com
Maintainer Community	https://maintainers.github.com
Accelerator	https://github.com/accelerator
Archive Program	https://archiveprogram.github.com
Topics	https://github.com/topics
Trending	https://github.com/trending
Collections	https://github.com/collections
Enterprise platformAI-powered developer platform	https://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security features	https://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI features	https://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 support	https://github.com/premium-support
Pricing	https://github.com/pricing
Search syntax tips	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentation	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in	https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fhyperstack-org%2Fhyperstack%2Fissues%2F117
Sign up	https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fissues_fragments%2Fissue_layout&source=header-repo&source_repo=hyperstack-org%2Fhyperstack
Reload	https://github.com/hyperstack-org/hyperstack/issues/117
Reload	https://github.com/hyperstack-org/hyperstack/issues/117
Reload	https://github.com/hyperstack-org/hyperstack/issues/117
hyperstack-org	https://github.com/hyperstack-org
hyperstack	https://github.com/hyperstack-org/hyperstack
Notifications	https://github.com/login?return_to=%2Fhyperstack-org%2Fhyperstack
Fork 39	https://github.com/login?return_to=%2Fhyperstack-org%2Fhyperstack
Star 540	https://github.com/login?return_to=%2Fhyperstack-org%2Fhyperstack
Code	https://github.com/hyperstack-org/hyperstack
Issues 164	https://github.com/hyperstack-org/hyperstack/issues
Pull requests 27	https://github.com/hyperstack-org/hyperstack/pulls
Actions	https://github.com/hyperstack-org/hyperstack/actions
Wiki	https://github.com/hyperstack-org/hyperstack/wiki
Security 0	https://github.com/hyperstack-org/hyperstack/security
Insights	https://github.com/hyperstack-org/hyperstack/pulse
Code	https://github.com/hyperstack-org/hyperstack
Issues	https://github.com/hyperstack-org/hyperstack/issues
Pull requests	https://github.com/hyperstack-org/hyperstack/pulls
Actions	https://github.com/hyperstack-org/hyperstack/actions
Wiki	https://github.com/hyperstack-org/hyperstack/wiki
Security	https://github.com/hyperstack-org/hyperstack/security
Insights	https://github.com/hyperstack-org/hyperstack/pulse
New issue	https://github.com/login?return_to=https://github.com/hyperstack-org/hyperstack/issues/117
New issue	https://github.com/login?return_to=https://github.com/hyperstack-org/hyperstack/issues/117
Finders should return nil instead of raising security violations	https://github.com/hyperstack-org/hyperstack/issues/117#top
securityIssue effects security	https://github.com/hyperstack-org/hyperstack/issues?q=state%3Aopen%20label%3A%22security%22
alpha1.4	https://github.com/hyperstack-org/hyperstack/milestone/2
	https://github.com/catmando
	https://github.com/catmando
catmando	https://github.com/catmando
on Jan 28, 2019	https://github.com/hyperstack-org/hyperstack/issues/117#issue-403907671
securityIssue effects security	https://github.com/hyperstack-org/hyperstack/issues?q=state%3Aopen%20label%3A%22security%22
alpha1.4	https://github.com/hyperstack-org/hyperstack/milestone/2
	https://github.com
Terms	https://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacy	https://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Security	https://github.com/security
Status	https://www.githubstatus.com/
Community	https://github.community/
Docs	https://docs.github.com/
Contact	https://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.