1) Do you have a working exploit for this?
2) My first idea on solving this is to use system used in the proxy server: mark public methods with the public() decorator and deny requests not marked as public. Do you think that would solve this issue?
1) Do you have a working exploit for this?
2) My first idea on solving this is to use system used in the proxy server: mark public methods with the public() decorator and deny requests not marked as public. Do you think that would solve this issue?