Redux Dev Tool Extension can access the state in production
Describe the bug
On the freecodecamp.org website, the Redux Dev Tools extension can be used to access the current and previous state. It may be noted that actions cannot be dispatched through the Redux Dev Tool extension.
To Reproduce
Steps to reproduce the behavior:
- Go to ‘freecodecamp.org’
- Click on the Redux Dev Tools Extension
Expected behavior
It is widely accepted as a best practice to not have development/debugging features in the production codebase. So, in the current context the Redux Dev Tools shouldn’t be able to access the state.
Desktop (please complete the following information):
- OS: Windows 10 (64 Bit)
- Browser: Google Chrome
- Version: Version 81.0.4044.122 (Official Build) (64-bit)
Additional context
Redux Dev Tools Extension can be found here.
It seems that the __REDUX_DEVTOOLS_EXTENSION__ was exposed to the global window object, which allows the Redux Dev Tool extension to read state. While bundling for the production codebase, this should be removed to avoid such behaviour.
Top GitHub Comments
Why not just use compose or composeWithDevTools depending on the value of FREECODECAMP_NODE_ENV?
Thanks for your patience, we will review the PR in due course.
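The environment-gated choice of composer suggested in the comments, as an added example that is not part of the original thread and not freeCodeCamp's code. It assumes FREECODECAMP_NODE_ENV is 'development' in dev builds and reaches the code as a plain string; selectCompose, makeFakeWindow and buildStore are hypothetical names, compose and createStore are small stand-ins for Redux's own, and __REDUX_DEVTOOLS_EXTENSION_COMPOSE__ is the extension's compose hook on window.

```javascript
// Added example. Dependency-free stand-ins for Redux's compose and createStore
// so the gating logic can be run in plain Node.
function compose(...fns) {
  if (fns.length === 0) return (x) => x;
  return fns.reduce((a, b) => (...args) => a(b(...args)));
}

function createStore(reducer, preloaded, enhancer) {
  if (enhancer) return enhancer(createStore)(reducer, preloaded);
  let state = reducer(preloaded, { type: '@@INIT' });
  return {
    getState: () => state,
    dispatch: (action) => { state = reducer(state, action); return action; },
  };
}

// Wire the store into DevTools only for an explicit development build.
// An unset or misspelled env value falls back to plain compose (fail closed).
// env: the FREECODECAMP_NODE_ENV value (assumed injected at build time).
// globalObj: the browser window, passed in so the choice can be tested.
function selectCompose(env, globalObj) {
  const devtools = globalObj && globalObj.__REDUX_DEVTOOLS_EXTENSION_COMPOSE__;
  return env === 'development' && typeof devtools === 'function' ? devtools : compose;
}

// Constructed stand-in for a browser with the extension installed: it records
// every store it is wired into, i.e. every store whose state it could read.
function makeFakeWindow() {
  const hooked = [];
  const spy = (next) => (reducer, preloaded) => {
    const store = next(reducer, preloaded);
    hooked.push(store);
    return store;
  };
  return {
    hooked,
    __REDUX_DEVTOOLS_EXTENSION_COMPOSE__: (...enhancers) => compose(spy, ...enhancers),
  };
}

// Hypothetical store setup; the reducer and its state are constructed sample data.
function buildStore(env, globalObj) {
  const reducer = (state = { user: 'constructed-sample' }) => state;
  const composeEnhancers = selectCompose(env, globalObj);
  return createStore(reducer, undefined, composeEnhancers());
}

const prodWindow = makeFakeWindow();
buildStore('production', prodWindow);
console.log('stores visible to DevTools in production:', prodWindow.hooked.length);
```

The same count makes a useful regression check in a production-build test: it should stay at zero even when the extension is present in the browser.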