26

So, I just found out a bunch of chrome processes running on the staging server. Very weird, as the server doesn't even have a DE installed, why would someone need chrome running.

Then found out that somebody was spawning chrome headless mode, going to the API url, and saving the page as pdf (calling it generating report)

-_- Very very innovative, So instead of generating the report on the server side and be done with just a single API call, one has to launch a web browser, then GO TO THE DAMN API URL, SAVE PAGE AS PDF.

Comments
  • 7
    That's why access to such environments needs to be restricted
  • 1
    Well, I do something similar to render my angular app for the different search bots and deliver them the HTML page they need.
  • 1
    That crafty bastard hahaha
Your Job Suck?
Get a Better Job
Add Comment