Let's Hack a Wix Website
Вставка
- Опубліковано 25 сер 2024
- #wix #wixwebsite #wixtutorial #website #webdesign #webdev
Join this channel to get access to perks:
/ @thewixwiz
New to Velo? Try my new Velo for Beginners course now on Udemy!
www.udemy.com/...
Have an idea for a video? suggest it here:
www.thewixwiz....
Have questions? Join the discussion:
www.thewixwiz....
Want to have joint coding session? Book one now:
www.thewixwiz....
Have questions? Need some magic done on your website ASAP?
www.thewixwiz....
Follow along on Twitter @thewixwiz
Facebook page: / thewixwiz
Facebook community: / thewixwiz
Thanks, Eitan! Nice video on a very important topic. I would love to see other videos on similar or more advanced security topics with Wix. It's easy and common to talk with Clients about the design and functionality of websites we're contracted to design and build, but seldom/rarely/never do security topics get raised when discussing requirements. Site Owners need to understand a lot more about potential risks so that they know what questions to ask and what expectations to have about the projects they initiate...
Very true! Thanks for the suggestion!
This video is incredible, I would really like to see a second part for his. It has helped me a lot.
Thanks! What would you like to see in a part 2?
Man.... you are THE BEST ! OR... you are an ET of programming ! Amazing your knowledge !
Thank you!
Love to see Part 2 of this video 😁
What would you want to see in a part 2?
Great content!
So just doing the queries from the backend is not enough because it is possible to get the web method involved directly (if I understood correctly). The solution to that is to not return the id of the elements? What if they are needed in the frontend? For example if you need to get it and then update it (which needs the id).
If you need information on the frontend, you will eventually need to expose it to the user. If you do this with a backend web method instead of directly via the collection from the frontend, you have more control over the flow of data. In the example you provided, while you may need the id in the frontend, that is still a lot less information exposed than the entire item. If you have the right permissions, the id won't do anything for a malicious user.
AMAZING CONTENT. THANKS
Thank you 👍 please make part 2 ❤
What would you want to see in a part 2?
@@thewixwiz Code injections Into forms is a good one. Maybe also Security checklist - i think that one would be amazing for people who have no idea what to protect in different scenarios.