
Thank you for your validation efforts; I appreciate them. There is a script running in the background to auto-clean the files in the static folder every day.


You just admitted you do store images.

Also, you're serving up on http. Don't do that.


They cache images.


I think caching people's sensitive medical history in a way that is publicly accessible is worth calling out; especially as it could be trivially fixed to maintain privacy.


True, it definitely shouldn't be accessible to others.


Caching is temporary storage, and as shown elsewhere, they're serving up the site on http with other users' data visible through guessing.



