DEV Community


Discussion on: Business Rules Must Be Enforced by the API

rlipscombe profile image
Roger Lipscombe

It's not even about "hacking" the browser. The browser's just doing HTTP (or HTTPS) requests. By using Fiddler (Windows) or Charles Proxy (macOS) or Wireshark, you can see the underlying requests. Then you can replicate the requests (with modifications) by simply using curl or Postman (for Chrome) or whatever.

imwiss profile image
Wissam Abirached Author

Absolutely agreed! Those are great tools to understand what's going on in the communication layer. I also often use Postman to fool around with APIs and see how they behave when you try to break them. Thanks for the feedback, Roger.