The public page for testing crystal code is excessively leaky when it comes to privacy. The code repositories (stored on the server) are assigned unique sequential IDs that are easy to browse. The page does not make it clear that any code posted can be easily seen by other visitors.
While I agree that it’s just a testing area, I believe users have a reasonable expectation that their private testing is not visible to anyone else with a browser and a few seconds to edit the URL. The very simple patch would be to use randomized IDs for new code rather than sequential ones. This would make it very difficult to stumble upon another users code instead of trivial.
I believe he refers to the nature of the encoded IDs added to the URL which are prone to some sort of enumeration leak.
Example: https://play.crystal-lang.org/#/r/hkhu
Where hkhu is the ID.
Changing it to hkht or hkhr shows previous scripts submitted by others.
I’m not sure where is the code for the online playground lives (I know is also served at carc.in). Perhaps the core team can point the right individual or better the repository so a PR could be sent
In the meantime, given the nature of this being a public playground, it should be treated like that: a public resource with no guarantee for privacy. Be careful with your secret money maker programs!
Yeah, I think that’s the main point: You’re uploading code to a random server on the internet of which you may not even know what exactly it does and who operates it. So obviously, anything you send there should not be confidential. It’s impossible for you to follow where it goes and who has access to the data. Even if IDs would be harder to guess.
Sequential IDs make it easy for anyone to access the runs publicly. But that wouldn’t be impossible if the IDs were not sequential.
IMO sequential IDs might even be a good reminder that the code you send there should be considered public.
Of course, some explicit notes about that wouldn’t hurt.
Of course, some explicit notes about that wouldn’t hurt.
I agree that people are uploading code to a random anonymous server on the Internet, so it’s less about ‘keeping’ it private and more about being explicit that it isn’t.
I still think non-sequential IDs would be the more appropriate method, as that is a very common pattern on the 'Net as well as being generally simple to implement. I’ll post an issue on the GitHub, thank you for the URL.
