devabhishekpal commented on PR #7733: URL: https://github.com/apache/ozone/pull/7733#issuecomment-2618456210
Yes @adoroszlai, you are correct. In fact it is only when developing for Recon / running the Vite development server. So when we execute `pnpm8 start` - which we use to locally view the app, that will start up the dev server. This is when the CVE will be applicable. Once the files are built/transpiled it won't be affected by this, since the app is then not being served by the dev server. Also we would be having CORS policies effective to prevent such cross origin site requests. We should be good to close this change -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@ozone.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@ozone.apache.org For additional commands, e-mail: issues-h...@ozone.apache.org
