Closed mtrezza closed 3 years ago
@dblythy What do you think?
I think this an improvement. I think this is a good edition as I think this concern is probably relevant to returning objects from cloud functions, such as:
Parse.Cloud.define('getStats', async () => {
const stat = await new Parse.Query('SecureStat').first({useMasterKey:true});
return stat; // insecure returns whole object (I think)
return stat.get('count') // only return relevant fields
});
I like the idea of a security section and think it will continue to grow as we continue to evolve the docs to recommend best practice guidelines.
Based on https://github.com/parse-community/docs/pull/821, this PR
Security
section to give it more prominence