756

submitted 2 months ago by cm0002@lemmy.world to c/programmer_humor@programming.dev

77 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] jerkface@lemmy.ca 1 points 2 months ago* (last edited 2 months ago)

I usually treat a path as a series of dereference operations, each with a potential security precondition. You could protect /secure/... with credential checks, and report 403 at that point, before even looking at the rest of the resource path. It exposes the prefix but not the multiple endpoints that might exist below that point.

this post was submitted on 22 Mar 2025

756 points (98.8% liked)

Programmer Humor

23383 readers

1269 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

Keep content in english
No advertisements
Posts must be related to programming or programmer topics

founded 2 years ago

MODERATORS

Feyter@programming.dev

anzo@programming.dev

BurningTurtle@programming.dev

pylapp@programming.dev