Report a Dgraph Bug
This path returns status 200 http://localhost:8080/admin/test but it doesn’t exist.
What version of Dgraph are you using?
master
Have you tried reproducing the issue with the latest release?
Yes.
Using fetch you can see details
Response {
_bodySource: ReadableStream { locked: false },
_stream: null,
url: "http://localhost:8080/admin/test",
statusText: "OK",
status: 200,
headers: Headers { date: Thu, 20 Aug 2020 02:47:13 GMT, content-length: 80, content-type: text/plain; charset=utf-8 },
redirected: false,
type: "default"
}
It should be denied as it is a false positive. It took time for me to understand what was happening in a typo - It was a typo, but I didn’t notice cuz the response was a false positive. I saw an “internal error 500” or a long period of loading. But the issue was that Dgraph is setting any path at :8080/
as a valid one.
On Insomnia there is also a false positive, but it returns a text in the response. That response doesn’t come in other tools.