
Information Disclosure: Exposed Config File

Identifier: exposed_config_file

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner

Description

This vulnerability occurs when JavaScript configuration objects are exposed on the global window object (for example window.config, window.env or window.settings). Such objects can reveal API endpoints, authentication tokens, feature flags, internal service URLs and other configuration details. Because anything attached to window can be read from the browser DevTools console or by viewing the page source and its bundled scripts, an attacker obtains this reconnaissance data with no effort: it helps map your application's architecture and, when real credentials are present, hands over the secrets themselves. The pattern usually arises when developers place configuration on window for client-side convenience without considering that the browser is an untrusted environment. Even configuration that looks harmless helps an attacker map your infrastructure and identify attack vectors; the risk escalates sharply if actual secrets or tokens are included.
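To make the check concrete, here is an added example of the kind of audit a developer can run against their own bundle before a scanner flags it. It is not the scanner's code and is not taken from this page: it walks a window-like object for the common configuration keys named above and reports values whose key names suggest a secret (high) or that look like endpoint URLs (informational). The list of configuration key names, the secret-name regex and the sample window object are all constructed assumptions; in a real page you would call auditExposedConfig(window) from the DevTools console.

```javascript
// Added example, not the scanner's own code. Audits a window-like object for
// exposed configuration and flags likely secrets and endpoint URLs.

// Assumed list of globals that client bundles commonly use for configuration.
const CONFIG_KEYS = ['config', 'env', 'settings', '__CONFIG__', '__ENV__', 'APP_CONFIG'];
// Assumed heuristic: key names that usually hold credentials. Deliberately
// broad (e.g. "key" also matches "monkey"); tune for your own code base.
const SECRET_PATTERN = /(token|secret|key|password|passwd|credential|auth)/i;

function auditExposedConfig(root, configKeys = CONFIG_KEYS) {
  const findings = [];
  for (const name of configKeys) {
    const value = root[name];
    if (value === null || typeof value !== 'object') continue;
    walk(value, [name], findings, new WeakSet());
  }
  return findings;
}

function walk(obj, path, findings, seen) {
  // Guard against cyclic references, which are common on window objects.
  if (seen.has(obj)) return;
  seen.add(obj);
  for (const [key, value] of Object.entries(obj)) {
    const fullPath = [...path, key];
    if (value && typeof value === 'object') {
      walk(value, fullPath, findings, seen);
    } else if (typeof value === 'string' && value.length > 0 && SECRET_PATTERN.test(key)) {
      findings.push({ path: fullPath.join('.'), severity: 'high', reason: 'key name suggests a secret' });
    } else if (typeof value === 'string' && /^https?:\/\//.test(value)) {
      findings.push({ path: fullPath.join('.'), severity: 'info', reason: 'endpoint URL exposed' });
    }
  }
}

// Constructed sample standing in for window: a typical bundle that leaks an
// internal API base URL and an API token next to harmless feature flags.
const sampleWindow = {
  config: {
    apiBaseUrl: 'https://api.internal.example/v1',
    featureFlags: { newCheckout: true },
    auth: { apiToken: 'EXAMPLE_TOKEN_PLACEHOLDER' },
  },
  env: { NODE_ENV: 'production' },
};

// Expected: one "info" finding for config.apiBaseUrl and one "high" finding
// for config.auth.apiToken.
console.log(auditExposedConfig(sampleWindow));
```

The fix for a "high" finding is not to rename the key but to remove the value from the client entirely: secrets belong behind a server-side endpoint, and the window object should carry only data that is acceptable for any visitor to read.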

Configuration

Example

Example configuration:

---
security_tests:
  exposed_config_file:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false

Reference

assets_allowed

Type : List[AssetType]*

List of assets that this check will cover.

skip

Type : boolean

Skip the test if true.