
Security issue - Public URL contains server url and app id. HTTP request payload contains app id #3636

Closed
@tran-huy-phuc

Issue Description

I am using Parse-server as a backend for my website. Everything seems to work well. But when I tried to open the images which are stored on my backend, the URLs of the images show the server URL and app ID. Also, when I check the payload of the HTTP request, it shows the app ID there.
I think I did something wrong with the Parse Server config, but I am not sure. If someone has the server URL and app ID, he can change my database. Is this an issue with Parse or is this my mistake?

Steps to reproduce

From my website, right-click on any image > Open Image In New Tab. The image will be opened in a new tab; the URL of the image contains the server URL and app ID.

Expected Results

Some way to hide or change the server URL and app ID.

Actual Outcome

The server URL and app ID are showing.

Environment Setup

  • Server

    • parse-server version (Be specific! Don't say 'latest'.) : [any version]
    • Operating System: [Linux - Ubuntu 16.04]
    • Hardware: [Not sure]
    • Localhost or remote server? (AWS, Heroku, Azure, Digital Ocean, etc): [Digital Ocean]
  • Database

    • MongoDB version: [any version]
    • Storage engine: [Local storage]
    • Hardware: [Not sure]
    • Localhost or remote server? (AWS, mLab, ObjectRocket, Digital Ocean, etc): [Digital Ocean]

Logs/Trace

Include all relevant logs. You can turn on additional logging by configuring VERBOSE=1 in your environment.
