solid-primitives icon indicating copy to clipboard operation
solid-primitives copied to clipboard
verified publisher icon solidjs-community

Documentation Website leverages Error information

Open FrauElster opened this issue 1 year ago • 1 comments

Describe the bug

Hi guys, not sure if you are aware, but a type on a link shows a stacktrace where you dynamically import stuff from you _generated directory. I am not a pentester and maybe this is quite alright, but I think this leverages more information than it should. I could imagine one trying out some different file patterns just to check whats in your directories.

Screenshot 2024-03-04 at 08 42 54

Minimal Reproduction Link

https://primitives.solidjs.community/package/resource)

FrauElster avatar Mar 04 '24 07:03 FrauElster

I don't think there is anything wrong with that stacktrace? I mean it's a shame that the import paths to _generated/... gets preserved, but I think it's fine. But the fact that the import throws when the path is not found probably should get fixed.

thetarnav avatar Mar 04 '24 10:03 thetarnav