This is probably outside the scope of ShinyProxy, maybe more of a Shiny question.
The security guy in our organization ran an off the shelf scan on our ShinyProxy apps. It came out pretty good. One thing that has me, is that the app sent some http requests, POST etc. with query parameters. The app returned a 500 internal error. I’m not sure that there wasn’t something else going, maybe a memory error from essentially a DOS attack. However, it got me to thinking. Since my shiny app doesn’t do anything with query strings or POST content, it is kind of a security issue because Shiny does process these strings, and the query string is there in the session data. Is there any way to filter these kinds of requests out and return an error code like 400 bad request?
I know in some instances it may be legitimate to handle query strings or POST content maybe if one app launches another.