issues Search Results · language:Dune language:JavaScript language:JavaScript language:JavaScript

18.9M results  (632 ms)

Description CORS is either not configured or is set to allow all origins (*), which is suitable for development but dangerous for production. Production should restrict CORS to the specific frontend domain. ...

Description The API endpoints do not limit incoming request body sizes. An attacker can send extremely large payloads to exhaust server memory and CPU, causing a denial of service. Suggested Fix Implement ...

Description The destination search input sends an API request on every keystroke without debouncing, causing excessive Google Maps Places API calls and hitting rate limits. Suggested Fix Implement 300ms ...

Description When searching for destinations, if the Google Maps Places API returns zero results, the application shows an empty list with no message indicating no results were found. Suggested Fix Display ...

Description The travel planning form accepts dates in the past without validation. Users can create trips with start dates that have already passed, causing logical errors in the itinerary. Suggested ...

Description When generating AI-powered itineraries, no loading indicator is shown. Users see a blank or frozen screen while waiting, not knowing if the generation is in progress or failed. Suggested ...

Description Pages that fetch data from Firestore or other backends lack loading states. Users see a flash of white/empty content while data loads, creating a poor first-impression experience. Suggested ...

Description The Firestore security rules appear to allow broad read access to user documents. If the rules are not properly scoped, any authenticated (or even unauthenticated) user could read other users ...

Description User-created trip plans are not saved to localStorage or any backend. All planning data is lost when the page is refreshed or the browser tab is closed. Impact - Users lose all their planning ...

Description In app/globals.css, a global CSS rule forces custom scrollbar styling on ALL scrollable elements, including third-party embedded widgets and modals: *::-webkit-scrollbar { ... } *::-webkit-scrollbar-thumb ...