I built a simple REST FULL API with NodeJS.
When it comes to HTML code, I do have :
<form method="post" action="/registry/api">
<input name="id" type="text" value="6" readonly>
<input name="name" type="text" value="TEST name">
<input name="description" type="text" value="TEST desc">
<input name="approved" type="checkbox" checked>
<input type="submit" value="Update">
</form>
But if I go in the console, erase 'readonly' and change this id from '6' to '7', my API indeed receives the bad id and update the bad row in database.
How can I fight this ?
via Dinath
No comments:
Post a Comment