Help

DiscussCategory: General questionsAbout UID in the config to startup the editor
Federico asked 3 weeks ago

I’m bit worried about the uid. It is used to calculate the billing at the end of the month but it’s an information exposed client side and seems there isn’t any relation between token (obtained by oauth) and the uid of a single BeeEditorInstance.

If a malevolent user that use my application that implements beeplugin, simply put a breakpoint in js execution in his browser, reads the token object then he can easly create like a thousands of instances of BeeEditor with random uids increasing my monthly bill by infinite amount!

What’s suppose to be the protection against these malevolent behaviors?

I came at this conclusion because i simply create 2 dummy applications and tried to load 2 editor instances with different uid but with the same token.

Thanks

Federico

1 Answers
Thomas answered 2 weeks ago

We reported the same concern and were told that there would be no settlement in this case.

The encoding of the UserID into the token would be desirable.

Your Answer