Server-side request forgery when using `fetch` in a component: fact or fiction?
Unanswered
Podenco Valenciano posted this in #help-forum
Podenco ValencianoOP
Hi all.
I got a server-side request forgery warning on GitHub regarding a
My understanding was that
But maybe I'm fundamentally misunderstanding something and this risk is real. Can you explain?
I got a server-side request forgery warning on GitHub regarding a
fetch
in a component, which is using inputs from the URL. (https://github.com/solana-labs/governance-ui/pull/1846#pullrequestreview-1652119579)My understanding was that
fetch
is just a browser API that has nothing to do with the server, even if SSR can use it at build time. So this warning is mistaken.But maybe I'm fundamentally misunderstanding something and this risk is real. Can you explain?
3 Replies
that error makes zero sense.
the github bot needs to be addressed.
Podenco ValencianoOP
OK cool.