@kyprizel reported that debugging output from our GitHub Pages infrastructure could be disclosed if a specific user-agent was used in requests to a GitHub Pages site. The disclosed information was found to not contain sensitive data. However, given the caching of our GitHub Pages infrastructure, this could be used to force a targeted GitHub Pages site to return the debug information instead of the intended site content for other users.

We addressed the behavior by removing support for debug requests within GitHub Pages.