mirror of
https://github.com/tinode/chat.git
synced 2025-03-14 10:05:07 +00:00
470 B
470 B
Security Policy
Reporting a Vulnerability
Please report a vulnerability to security@tinode.co.
What not to report
- Firebase initialization tokens. The Firebase tokens are really public: they must be included into client applications and consequently are not private by design.
- Exposed
/pprofor/expvar. We know they are exposed. It's intentional and harmless. - Exposed Prometheus metrics
/metrics. Like above, it's intentional and harmless.