Security issues - Githubissues

SpyCop / cleanup-logger

Node.js Web application for visual logging on OSM of stray litter cleanup

0 stars 0 forks source link

Security issues #12

Open SpyCop opened 2 years ago

SpyCop commented 2 years ago

This issue is the breeding ground for potential security issues by providing a discussion space

SpyCop commented 2 years ago

Two security issues that I thought of:

User sessions/logins: Do we want to restrict access to the app based on some kind of authentication? How do we keep it simple? relevant also in #5
Do we need to encrypt/encode data that is stored in the data base? For example notes (#8) might be dangerous

SpyCop commented 2 years ago

Another problem might be that putting the JS on the page exposes the endpoints of the back end, which will require proper authentication between the front and back end