|
|
|
|
|
|
by throwaway74829
1342 days ago
|
|
|
Permissions is the big one. Second is potential for DDoS (either intentionally or unintentionally). Third is possibility of "oopsies" via me intentionally or unintentionally including my passwords/sensitive info/what have you in the POST body. Now you have to add branch to look for and scrub sensitive info in your logger -- otherwise my PII has now been logged (and if I were a massive asshole looking for a quick payday, I could throw up a fuss). It's fine in dev, but shouldn't be in prod. Too much liability. |
|
|