Add Testbox runner to sensitive paths in production profile

Description

When CommandBox is in production profile and has web.blockSensitivePaths enabled, also block these

as those paths can be exploitable in older versions of TestBox and should not be visible on a server installation. The web.blockSensitivePaths setting is on by default even for development profile, but these paths will only be blocked if blockSensitivePaths is enabled AND the profile is production.

Fixed

Assignee

Brad Wood

Reporter

Brad Wood

Labels

None

Affects versions

None

Fix versions

Priority

Major
Configure