Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Public IP exposed even when overwritten. #690

Closed
LarveyOfficial opened this issue Apr 19, 2023 · 4 comments
Closed

[Bug] Public IP exposed even when overwritten. #690

LarveyOfficial opened this issue Apr 19, 2023 · 4 comments
Assignees
@MauriceNino
Labels
type: bug

Comments

@LarveyOfficial
Copy link

LarveyOfficial commented Apr 19, 2023
edited
Loading

Description of the bug

Even when you overwrite the public IP as an environment variable in the config, when going to /info, the public IP is still exposed.

How to reproduce

Simply go to /info in the docker container and it will expose your public IP, only way to prevent this is to feed it a custom speedtest json with a fake public IP.

Relevant log output

No response

Info output of dashdot cli

INFO
=========
Yarn: 1.22.19
Node: v18.15.0
Dash: 5.1.3

Cwd: /app
Hash: 386191c474baca48d35d655bf77a8b4953e8645b
In Docker: true
In Podman: false
In Docker (env): true
Done in 0.67s.

What browsers are you seeing the problem on?

Firefox, Chrome, Safari, Microsoft Edge

Where is your instance running?

Linux Server

Additional context

No response
@MauriceNino
Copy link
Owner

Hi there - may I ask why this is a problem? Calling the /info URL also exposes your public IP, as without it, no one would be able to connect to your Dash. instance.

@LarveyOfficial
Copy link
Author

I personally use Cloudflare proxy to hide my public IP, which means anyone can technically go to /info and see my public IP, even when I try to have it hidden.

@MauriceNino
Copy link
Owner

Oh okay that makes total sense. I will look into this.

@MauriceNino MauriceNino self-assigned this Apr 28, 2023
github-actions bot pushed a commit that referenced this issue Apr 29, 2023
@semantic-release-bot
chore(release): 5.2.0 [CI SKIP]
04c2ec3 
# [5.2.0](v5.1.3...v5.2.0) (2023-04-29)

### Bug Fixes

* also hide hidden storage labels on multiple drives ([213b73e](213b73e)), closes [#716](#716)
* dont crash on missing network interface speed ([c62ba63](c62ba63)), closes [#715](#715) [#727](#727)
* hide public ip, if not included in label list ([ccf7d12](ccf7d12)), closes [#690](#690)
* **view:** remove not broadly supported ECMA Script features in the frontend ([5ba5ed2](5ba5ed2))

### Features

* allow adjusting of items per page in multi-drive storage widget ([54be449](54be449))
@github-actions
Copy link
Contributor

🎉 This issue has been resolved in version 5.2.0

Please check the changelog for more details.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MauriceNino MauriceNino

Labels
type: bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MauriceNino @LarveyOfficial