So is there a way to list all uploads by hitting /uploads endpoint? (I am not talking about going through all the collections/records to get each individual url associated with the file)
Currently in my default set up, its similar to what @lolafkok is saying, /uploads → returns a 404, which is what I want it to do, but is there a way an attacker can get around it (other then brute force try to guess the urls)