mtrezza
commented
3 years ago @dblythy What do you think?
Closed mtrezza closed 3 years ago
mtrezza
commented
3 years ago @dblythy What do you think?
dblythy
commented
3 years ago I think this an improvement. I think this is a good edition as I think this concern is probably relevant to returning objects from cloud functions, such as:
Parse.Cloud.define('getStats', async () => {
const stat = await new Parse.Query('SecureStat').first({useMasterKey:true});
return stat; // insecure returns whole object (I think)
return stat.get('count') // only return relevant fields
});I like the idea of a security section and think it will continue to grow as we continue to evolve the docs to recommend best practice guidelines.
Based on https://github.com/parse-community/docs/pull/821, this PR
Securitysection to give it more prominence