8bit's profile @8bit

does anyone here know how to make an API URL only accessible via GET requests on a specific website and not available by viewing the page itself?

this is what i mean:

if you try to view the page manually, that doesn’t work

anything other than a GET request doesn’t work either

and GET requests only go through on a specific website

Sep 18, 2022, 2:32 PM
1 0 9

comments (single view)

View parent
wynd's profile @wynd Sep 19, 2022, 1:33 AM

1: dunno mongo at least

2: that’s a major security flaw in every way possible, make that top of your todo list, and that’s a really big privacy concern

8bit's profile @8bit Sep 19, 2022, 11:31 AM

got it

8bit's profile @8bit Sep 19, 2022, 4:51 PM

done with hashing and salting!

also, the passwords have been moved to a json file that is not publicly available unless you have the source code for the server itself. hopefully that works.

oren's profile @oren Sep 21, 2022, 1:23 PM

Use mongodb, it's easy and much more secure

View all comments