
Blackmist ,

Buy code on Fiverr, get code on Fiverr.

Chozo ,

This is a really awesome article that explains the technical aspects in a way that makes sense to non-coders, without having to oversimplify. I feel like this sort of writing should be much more appreciated. Also, the graphic at the top has no business being that good, this whole piece is a banger.

Psaldorn ,

They might as well just publish the database credentials in the API too, jeez

elvith ,

They basically did. I bet they just used an ORM in the backend and then pointed the API endpoint to the user entity without filtering the fields. This results in a dump of the user table (although row by row indexed by users instead of a full dump).

snooggums ,

Ahhhh, I was wondering why they would take the time to set up an API with that data and forgot that almost everything has a way to just dump things into it without needing to be set. I forget because where I work we actively avoid that approach because of risks like this.
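
The failure mode elvith and snooggums describe above, as an added example that is not part of the thread or of the service's code: an endpoint that serializes the whole user entity, next to one that uses an explicit field allowlist and a regression check for leaked fields. The `User` entity, its field names and the sample row are constructed assumptions.

```python
from dataclasses import dataclass, asdict, fields

# Constructed entity; field names are assumptions, not taken from the breached service.
@dataclass
class User:
    id: int
    display_name: str
    email: str
    password_hash: str
    reset_token: str
    is_admin: bool

# Constructed sample row.
SAMPLE = User(7, "alice", "alice@example.test", "$2b$12$constructed", "tok-constructed", False)

def serialize_unfiltered(user):
    """The pattern guessed at in the thread: the whole entity becomes the response."""
    return asdict(user)

# Explicit allowlist per audience; a new column stays private until it is listed here.
PUBLIC_FIELDS = ("id", "display_name")
SELF_FIELDS = PUBLIC_FIELDS + ("email",)

def serialize_user(user, viewer_id):
    """Return only allowlisted fields; the account owner gets a slightly wider view."""
    allowed = SELF_FIELDS if viewer_id == user.id else PUBLIC_FIELDS
    return {name: getattr(user, name) for name in allowed}

def leaked_fields(response, allowed):
    """Regression check: keys present in a response but absent from the allowlist."""
    return sorted(set(response) - set(allowed))

def validate_allowlists():
    """Start-up check: allowlist entries that do not exist on the entity."""
    known = {f.name for f in fields(User)}
    return sorted(set(SELF_FIELDS) - known)

if __name__ == "__main__":
    print("unfiltered leaks:", leaked_fields(serialize_unfiltered(SAMPLE), PUBLIC_FIELDS))
    print("other viewer sees:", serialize_user(SAMPLE, viewer_id=99))
    print("owner sees:", serialize_user(SAMPLE, viewer_id=7))
```

Running `leaked_fields` over recorded API responses in a test suite catches the case where a schema migration adds a sensitive column and the serializer silently starts returning it.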

InEnduringGrowStrong ,

That's so over the top bad it's almost ridiculous

shortwavesurfer ,

Oh dear, I had heard of this hack before, but I had not seen it laid out like this. Oh dear god, that's bad.
