does anyone here know how to make an API URL only accessible via GET requests on a specific website and not available by viewing the page itself?
this is what i mean:
if you try to view the page manually, that doesn’t work
anything other than a GET request doesn’t work either
and GET requests only go through on a specific website
would you recommend using google firebase or something else?
not yet, right now passwords are only base64 encoded. i’ll look into hashing and salting though
1: dunno mongo at least
2: that’s a major security flaw in every way possible, make that top of your todo list, and that’s a really big privacy concern
done with hashing and salting!
also, the passwords have been moved to a json file that is not publicly available unless you have the source code for the server itself. hopefully that works.