DEV Community


Discussion on: How to make the internet a safer place as a developer

shadowtime2000

I would like to echo the statement made about not exposing data. Yes, you should only expose information in endpoints that is used by the frontend, but some data shouldn't have endpoints. I have found many websites where they have endpoints for stuff like survey responses, with full names and emails. Data like that should just be accessed with a desktop database client.