Spaces:

Prav51
/

text-to-image-hf-playground

Running

⚠️ You might be exposing a secret token, is this intended?

by token-scanner - opened Jul 4

Jul 4

Please check Space app file as you might be exposing a secret token.
We recommend you to use Repository secrets (env variables) in your Space settings. Afterwards, you can use it like:

import os
SECRET_TOKEN = os.getenv("SECRET_TOKEN")

Read more here. Once this is fixed, we strongly advise you to invalidate or delete your secret so that no one else can use it. In case of a Hugging Face token, you can do this in your settings.

Prav51

Owner Jul 4

Yes I have checked and corrected the code. There is no hardcoded token in my application. The application includes only a form to temporarily enter a token, which is used to generate images using the user's own token. The application does not save these tokens anywhere; it only uses the entered token to send the API request.

Prav51 changed discussion status to closed Jul 4

Upload images, audio, and videos by dragging in the text input, pasting, or clicking here.

Tap or paste here to upload images

· Sign up or log in to comment