If spammers can abuse something, they gonna abuse it

  • TigrisMorte@kbin.social
    link
    fedilink
    arrow-up
    2
    ·
    9 months ago

    “framework”, found your problem. Frameworks save time by ignoring how code works. Folks taught upon a Framework have no real idea what its produced code does.

    • ComradeKhoumrag@infosec.pub
      link
      fedilink
      arrow-up
      7
      ·
      9 months ago

      Typically the security conscious webdev still needs to define an API to their database. It’s bad practice to let users hit the DB directly.

      Now, if you hack the API then sure you can start hacking the database, but first you have to hack the API to the database which raises the costs of cyberwar