DEV Community

Discussion on: How to make the internet a safer place as a developer

shadowtime2000

I would like to echo the statement made about not exposing data. Yes, you should only expose information in endpoints that is used by the frontend, but some data shouldn't have endpoints. I have found many websites where they have endpoints for stuff like survey responses, with full names and emails. Data like that should just be accessed with a desktop database client.