CommunityNews
False security: Dashy's client-side authentication
False security: Dashy’s client-side authentication.
Update 3/28: The devs have announced that the auth system is to be deprecated. See details below.
About a month ago, I went looking for a dashboard for my homelab—something to help visualize the services I run. I found Dashy, a popular (14.6k GitHub stars) dashboard designed for self-hosters. I deployed it and started configuring it, but noticed that something about its authentication felt off. I started digging and quickly found its security to be borderline useless, permitting unauthenticated reads and writes of its configuration.
Read in full here:
This thread was posted by one of our members via one of our news source trackers.
Popular General Dev topics
skiftOS is a simple, handmade operating system for the x86 platform, aiming for clean and pretty APIs while keeping the spirit of UNIX.
s...
New
As part of our continued goal of helping developers provide safer products for businesses and consumers, we here at McAfee Advanced Threa...
New
https://permission.site/
This thread was posted by one of our members via one of our news source trackers.
New
F# Is The Best Coding Language Today.
If you want to personally pick up a programming language in order to become a better coder in what...
New
New
Apple’s Tim Cook to take 50% pay hit after shareholder feedback.
‘Target compensation’ for CEO down from $99.4m in 2022 to an expected $...
New
Dark mode isn’t as good for your eyes as you believe.
The shadowy display mode has leagues of fans claiming it helps reduce eye strain, ...
New
Why Ruby on Rails still matters.
An old tool endures in a Next.js world
New
Rendering Action Mailer emails with Phlex components and layouts: Clean, Composable, and Completely Ruby - Blog post by Camillo Visini
New
Ah, the eternal question, straight from the mailbag.
New
Other popular topics
Reading something? Working on something? Planning something? Changing jobs even!?
If you’re up for sharing, please let us know what you’...
New
Algorithms and data structures are much more than abstract concepts. Mastering them enables you to write code that runs faster and more e...
New
Machine learning can be intimidating, with its reliance on math and algorithms that most programmers don't encounter in their regular wor...
New
My first contact with Erlang was about 2 years ago when I used RabbitMQ, which is written in Erlang, for my job. This made me curious and...
New
Rust is an exciting new programming language combining the power of C with memory safety, fearless concurrency, and productivity boosters...
New
New
Develop, deploy, and debug BEAM applications using BEAMOps: a new paradigm that focuses on scalability, fault tolerance, and owning each ...
New
Hello,
I’m a beginner in Android development and I’m facing an issue with my project setup. In my build.gradle.kts file, I have the foll...
New
A concise guide to MySQL 9 database administration, covering fundamental concepts, techniques, and best practices.
Neil Smyth
MySQL...
New
Open-source implementation of the classic GTA engine now running directly in your browser. Experience the reVC technology demo on DOS.Zon...
New
Categories:
Sub Categories:
- All
- In The News
- Dev Chat (207)
- Questions (36)
- Resources (122)
- Blogs/Talks (27)
- Jobs (3)
- Events (15)
- Code Editors (59)
- Hardware (60)
- Reviews (5)
- Sales (16)
- Design & UX (5)
- Marketing & SEO (2)
- Industry & Culture (14)
- Ethics & Privacy (19)
- Business (4)
- Learning Methods (6)
- Content Creators (7)
- DevOps & Hosting (12)
Popular Portals
- /elixir
- /rust
- /wasm
- /ruby
- /erlang
- /phoenix
- /keyboards
- /python
- /js
- /rails
- /security
- /go
- /swift
- /vim
- /clojure
- /java
- /emacs
- /haskell
- /typescript
- /svelte
- /onivim
- /kotlin
- /c-plus-plus
- /crystal
- /tailwind
- /react
- /gleam
- /ocaml
- /elm
- /flutter
- /vscode
- /ash
- /html
- /deepseek
- /zig
- /opensuse
- /centos
- /php
- /scala
- /react-native
- /lisp
- /textmate
- /sublime-text
- /nixos
- /debian
- /agda
- /deno
- /django
- /kubuntu
- /arch-linux
- /nodejs
- /spring
- /ubuntu
- /revery
- /manjaro
- /julia
- /lua
- /diversity
- /quarkus
- /markdown









