rayfarias56 / minrva-estimote-server

The server for the Minrva: Wayfinder app

Secure the API #1

Closed rayfarias56 closed 8 years ago

rayfarias56 commented 8 years ago

Without any form of session management, anyone with cURL (or similar) can send a DELETE request to the right URL and mess with our database. I've never tackled this before, but this would be a good place to start: https://www.owasp.org/index.php/REST_Security_Cheat_Sheet.

rayfarias56 commented 8 years ago

This issue will now focus specifically on using a security filter to reject unauthenticated users to specific resources, with the creation of #28.

rayfarias56 commented 8 years ago

https://github.com/rayfarias56/minrva-estimote-server/commit/0e9d49b4f5af17925d8a4f744774e1da4d21f5e6 resolves this issue.