Comments (4)
Thanks for useful comments, I am adding auto JavaScript API test checks to my to-do list for the script. Will update this issue once it is done.
from gmapsapiscanner.
On the latest update, I added a new feature which creates the file automatically for manually checking JS API. This would works for the efforts I think and checking with automatically within headless-browser would both need more installation requirements on user & development time with me. So I am closing the ticket since manual confirmation is easy within just opening the file on browser.
from gmapsapiscanner.
@ozguralp As the tool creates automaticaaly a jsapi.html file, I opened it in the browser and it successfully loaded. So should I assume that the API key is vulnerable?? If yes, What will be the impact? can you please guide me?
from gmapsapiscanner.
@ozguralp As the tool creates automaticaaly a jsapi.html file, I opened it in the browser and it successfully loaded. So should I assume that the API key is vulnerable?? If yes, What will be the impact? can you please guide me?
Well it is not well configured for the misuse attacks if it is successfully loaded and you can say it is vulnerable. About the impact, you can read my blog posts referred on the readme section.
from gmapsapiscanner.
Related Issues (14)
- google map in iframe HOT 2
- Add Firebase Cloud Messaging (FCM) check HOT 2
- False positive Embed (Basic) API HOT 2
- Security HOT 1
- Embed API is now unlimited free usage and not a vulnerability HOT 1
- [Feature request] - Referer header for "Custom Search API" endpoint HOT 5
- No module named 'requests' HOT 3
- json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0) HOT 2
- add referer HOT 1
- issue HOT 1
- Embed check will always work HOT 5
- Allow set api_key via command-line argument HOT 1
- Add Containerfile to repo HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gmapsapiscanner.