does anyone here know how to make an API URL only accessible via GET requests on a specific website and not available by viewing the page itself?

this is what i mean:

if you try to view the page manually, that doesn’t work

anything other than a GET request doesn’t work either

and GET requests only go through on a specific website

comments (single view)

1: dunno mongo at least

2: that’s a major security flaw in every way possible, make that top of your todo list, and that’s a really big privacy concern

done with hashing and salting!

also, the passwords have been moved to a json file that is not publicly available unless you have the source code for the server itself. hopefully that works.

Use mongodb, it's easy and much more secure

View all comments