Email Domains may lead to Data Leak #22
Assignees
Labels
bug
Something isn't working
enhancement
New feature or request
help wanted
Extra attention is needed
Comments
|
I agree with you. |
|
Thanks, @Akshu-on-github @aayushi-droid for pointing out the issue. would you like to make the suggested change? |
codeperfectplus
added
bug
|
Yes please! Which method should I implement? |
|
Change the email domain to @example.com as suggested by you and keep the username as it also deletes the email_domains.txt file. |
|
@Akshu-on-github are you working on the issue? |
|
@codeperfectplus - yes, I am! |
3 tasks
3 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Context
If an email domain is chosen at random, there is a chance that a real person would get a email with potentially sensitive info when a developer is testing. Even if a certain domain is not used now, there is no guarantee that it will remain unused in the future.
This problem can be circumvented using the
@exampledomain that is reserved for research and testing purposesWhat I'd suggest
Delete the list of email domains under the assets folder and have a static value for the email domain
Alternatively, store random email usernames in the text file and append the
@exampledomain ([email protected])The text was updated successfully, but these errors were encountered: