Hi
i would like to know if there is a way to validate expression input or block it due to security issue. what i found for example that if i am creating a simple workflow with httpRequest to localhost and add a custom header as follows
{{ (Object.entries(process.env).map(([key, value]) => `${key}:${value}`)).join(';') }}
i am get back the all env’s from the backend service included the N8N_ENCRYPTION_KEY
Information on your n8n setup
- **n8n version:1.31
- **Database (default: SQLite):postgres
- **n8n EXECUTIONS_PROCESS setting (default: own, main):main
- **Running n8n via (Docker, npm, n8n cloud, desktop app):docker
- Operating system: