Comment by theogravity
Comment by theogravity 8 days ago
Thanks for the article. Made me check our dev and prod API servers to make sure we weren't exposing the OpenAPI UI / JSON descriptor routes.
Comment by theogravity 8 days ago
Thanks for the article. Made me check our dev and prod API servers to make sure we weren't exposing the OpenAPI UI / JSON descriptor routes.
Hopefully those endpoints do a better job with authorization than these did