Skip to content

[Bug] There is a risk of sourcemap file leakage #3204

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
zhainanshidai opened this issue Jun 6, 2025 · 2 comments
Closed

[Bug] There is a risk of sourcemap file leakage #3204

zhainanshidai opened this issue Jun 6, 2025 · 2 comments
Assignees

Comments

@zhainanshidai
Copy link

Contact Information

No response

MaxKB Version

1.10.8

Problem Description

/static/rest_framework/css/bootstrap.min.css.map

/static/drf-yasg/swagger-ui-dist/swagger-ui.css.map
存在sourcemap文件泄露风险

  1. 对于vue,需修改配置关闭SourceMap,项目路径下更改src/config/index.js中的参数参照如下:productionSourceMap:false

  2. 对于react-cli,需修改配置关闭SourceMap,在配置 nodejs 运行时候的环境变量,将传入 GENERATE_SOURCEMAP 值为 false;或在项目路径下更改/webpack.config.js中的参数参照如下:const shouldUseSourceMap = false;

Steps to Reproduce

/static/rest_framework/css/bootstrap.min.css.map

/static/drf-yasg/swagger-ui-dist/swagger-ui.css.map
存在sourcemap文件泄露风险

  1. 对于vue,需修改配置关闭SourceMap,项目路径下更改src/config/index.js中的参数参照如下:productionSourceMap:false

  2. 对于react-cli,需修改配置关闭SourceMap,在配置 nodejs 运行时候的环境变量,将传入 GENERATE_SOURCEMAP 值为 false;或在项目路径下更改/webpack.config.js中的参数参照如下:const shouldUseSourceMap = false;

The expected correct result

No response

Related log output

Additional Information

No response

@shaohuzhang1 shaohuzhang1 changed the title [Bug] 存在sourcemap文件泄露风险 [Bug] There is a risk of sourcemap file leakage Jun 6, 2025
@liqiang-fit2cloud
Copy link
Member

项目本来就是开源的,源码都是开放的。

@shaohuzhang1
Copy link
Contributor

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿


The project is originally open source, and the source code is open.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants