I’m building an app with the REST API and I noticed that the login API call makes a GET request with the username and password url encoded in the url. This is one of the first rules you learn in IT that a get request should not contain any secure data. I tried to use a POST request and this works fine. It would be safer to change the documentation to POST.
That would be good to change. Would you be willed to open a PR to the docs repo (GitHub - parse-community/docs: Parse Platform docs) with the suggested change?
1 Like
I made a PR: Changed the GET method to POST on logging in by Xevro · Pull Request #858 · parse-community/docs · GitHub
1 Like
The PR is still pending to merge. Seems like nobody is maintaining the REST API.
I see a lot of open PRs on the repo as well.