#* RESTful APIs
Text
Server-Side Scripting Explained: Simplifying Web Development
Explore how server-side scripting works, from processing user requests to delivering customized content. Learn the benefits for both developers and users.
0 notes
Text
In the world of software, APIs (Application Programming Interfaces) act as bridges between different services. They help applications talk to each other by sending requests and receiving responses. Think of them as messengers, delivering messages between clients (like apps or websites) and servers (where data or actions are stored).
#Designing REST APIs#RESTful APIs#Web APIs#Web API development#Web API development services#REST APIs Design
1 note
Text
――☀️ on first and fierce affirming sight
of sunlight, sunlight, sunlight ☀️――
(xps/vroid/gamerip/model mashup/render-that-i-drew-over of the Traveler's Specialest Princess<3 blender is still The Worst™ but i'm learning to grudgingly tolerate it since it can convert literally everything.)
P.S.: please don't tag this in a way that implies there was more than one destiny game, because there wasn't and pretending otherwise makes me very, very sad because I wish there was (but there wasn't). thank you!
#destiny#bungie destiny#destiny 2014#destiny hunter#prophet#guardian prophet#chi's adventures in art#her hair is from a fire emblem model and the halo was from the sims lmao but the rest i exported#REALLY glad the model api is still accessible even though stlgenerator got taken down...rip#i feel like i'm gonna start rambling bc i feel like this is stupid. someone come say something nice to me 😅😅😅😅#eta added a PS because the tags didn't make it clear. this is fanart for the 2014 video game “destiny”.#not halo or whatever that grimdark edgelord game they ditched destiny for is. ESPECIALLY not that one#god.....do you think if we ask Really Niceys they'd bring back iron banner and trials for Y10... i still want that cat hood 😔
15 notes
Text
SQL Injection in RESTful APIs: Identify and Prevent Vulnerabilities
SQL Injection (SQLi) in RESTful APIs: What You Need to Know
RESTful APIs are crucial for modern applications, enabling seamless communication between systems. However, this convenience comes with risks, one of the most common being SQL Injection (SQLi). In this blog, we’ll explore what SQLi is, its impact on APIs, and how to prevent it, complete with a practical coding example to bolster your understanding.
What Is SQL Injection?
SQL Injection is a cyberattack where an attacker injects malicious SQL statements into input fields, exploiting vulnerabilities in an application's database query execution. When it comes to RESTful APIs, SQLi typically targets endpoints that interact with databases.
How Does SQL Injection Affect RESTful APIs?
RESTful APIs are often exposed to public networks, making them prime targets. Attackers exploit insecure endpoints to:
Access or manipulate sensitive data.
Delete or corrupt databases.
Bypass authentication mechanisms.
Example of a Vulnerable API Endpoint
Consider an API endpoint for retrieving user details based on their ID:
from flask import Flask, request
import sqlite3

app = Flask(__name__)

@app.route('/user', methods=['GET'])
def get_user():
    # The id query-string value is taken as-is from the request
    user_id = request.args.get('id')
    conn = sqlite3.connect('database.db')
    cursor = conn.cursor()
    query = f"SELECT * FROM users WHERE id = {user_id}"  # Vulnerable to SQLi
    cursor.execute(query)
    result = cursor.fetchone()
    return {'user': result}, 200

if __name__ == '__main__':
    app.run(debug=True)
Here, the endpoint directly embeds user input (user_id) into the SQL query without validation, making it vulnerable to SQL Injection.
Secure API Endpoint Against SQLi
To prevent SQLi, always use parameterized queries:
@app.route('/user', methods=['GET'])
def get_user():
    user_id = request.args.get('id')
    conn = sqlite3.connect('database.db')
    cursor = conn.cursor()
    query = "SELECT * FROM users WHERE id = ?"
    cursor.execute(query, (user_id,))
    result = cursor.fetchone()
    return {'user': result}, 200
In this approach, the user input is sanitized, eliminating the risk of malicious SQL execution.
How Our Free Tool Can Help
Our free Website Security Checker checks your web application for vulnerabilities, including SQL Injection risks. Below is a screenshot of the tool's homepage:
Upload your website details to receive a comprehensive vulnerability assessment report, as shown below:
These tools help identify potential weaknesses in your APIs and provide actionable insights to secure your system.
Preventing SQLi in RESTful APIs
Here are some tips to secure your APIs:
Use Prepared Statements: Always parameterize your queries.
Implement Input Validation: Sanitize and validate user input.
Regularly Test Your APIs: Use tools like ours to detect vulnerabilities.
Least Privilege Principle: Restrict database permissions to minimize potential damage.
Final Thoughts
SQL Injection is a pervasive threat, especially in RESTful APIs. By understanding the vulnerabilities and implementing best practices, you can significantly reduce the risks. Leverage tools like our free Website Security Checker to stay ahead of potential threats and secure your systems effectively.
Explore our tool now for a quick Website Security Check.
#cyber security#cybersecurity#data security#pentesting#security#sql#the security breach show#sqlserver#rest api
2 notes
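An added example, not part of the original post: it runs the post's two query styles against an in-memory SQLite table so the difference can be checked in a regression test, and adds the input-validation tip as code. The table contents, function names and test string are constructed for illustration; the `ORDER BY` allowlist goes one step beyond the post, covering identifiers, which placeholders cannot bind.

```python
import sqlite3

# Constructed test input: a non-numeric id value containing SQL syntax.
CRAFTED_ID = "0 OR 1=1"

def make_db():
    """Build a throwaway in-memory table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [(1, "alice"), (2, "bob")])
    return conn

def lookup_interpolated(conn, user_id):
    # Same pattern as the vulnerable endpoint: the input becomes SQL text,
    # so the database parses whatever the caller supplied.
    query = f"SELECT id, name FROM users WHERE id = {user_id}"
    return conn.execute(query).fetchall()

def lookup_bound(conn, user_id):
    # Parameterized form: the input is passed as a bound value and is only
    # ever compared against the id column, never parsed as SQL.
    query = "SELECT id, name FROM users WHERE id = ?"
    return conn.execute(query, (user_id,)).fetchall()

def parse_user_id(raw):
    # Input validation in front of the query: ASCII decimal digits only.
    if raw is None or not raw.isascii() or not raw.isdigit():
        raise ValueError("id must be a non-negative integer")
    return int(raw)

# Placeholders bind values, not identifiers, so a caller-chosen sort
# column has to be checked against a fixed allowlist instead.
ALLOWED_SORT_COLUMNS = {"id", "name"}

def list_users(conn, sort_by):
    if sort_by not in ALLOWED_SORT_COLUMNS:
        raise ValueError("unsupported sort column")
    return conn.execute(
        f"SELECT id, name FROM users ORDER BY {sort_by}").fetchall()

if __name__ == "__main__":
    db = make_db()
    print("interpolated:", lookup_interpolated(db, CRAFTED_ID))
    print("bound:       ", lookup_bound(db, CRAFTED_ID))
```

Keeping `lookup_interpolated` only in the test suite gives a check that fails loudly if the bound version is ever replaced with string formatting.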
Text
I'm going to explode. I had to wake up at six and now I absolutely cannot code. Hlep
6 notes
Text
computer that hates you call that HATEOAS
#esha.txt#Ok the joke is I learnt about rest apis today and that’s a real acronym that stands for#Hypermedia as the engine of application state (No i don’t know why they decided to include every word in the acronym)#and I misread it as HATEOS like. Hate operating system at first.#Ok that concludes Bad cs jokes with esha
7 notes
Text
OpenAPI generated type interfaces are literally so sexy
#typesafety is just for letting your devs just put round blocks into round holes#the more you can prevent other shapes from fitting into the hole the better#ive recently fallen in love w typescript branded types#which just adds a little flag to a string or number saying 'hey im a special kinda string/number'#lifesaver if ur working w a bunch of different kinds of ids & lookups n stuff#& openapi types can also flag if ur sending smth in the wrong format to the wrong endpoint#im doing a thing where i glue together a bunch of data from a bunch of different rest APIs & its incredibly helpful not only for that#but also for giving me access to the datatypes to build the app around#then a lot of its just paint by numbers#literally if you have a commensurate type sustem for the problem you literally dont have to think
19 notes
Text
Call my fist an HTTP Post request, the way it delivers a message of pain directly to the endpoint of your face.
2 notes
Text
just found out that skycrypt is backed up occasionally on the wayback machine, so of course i went to go check techno's stuff. neat little thing i found, by april 9th 2021 he hadnt made it past thorn in dungeons. so he was cutting it CLOSE cramming in catacombs exp for the resistance fight jhdkjfj (turned out to be useless anyways)
also, judging by his exp gained, seems like he was only running with one other person. i was under the impression he had a full party the entire time bc of his video but that must've just been for later floors or maybe even JUST floor 7
and also. before the resistance fight. his highest crit damage was a WHOPPING... 82k
#was hoping to find something i'd never seen before but ehh not rlly#just in-progress stuff. neat!#also there was a snapshot taken in 2023 before the api changed but sadly it returns a 404#so the last archive of his stuff was from 2022#it can come back if someone logs into his account but. who would do that 🧍♂️#god i would love for his api to be opened i would kill for it aaaaaugh#it will bother me for the rest of my life#it's not a good idea to open his api and it would cause so many problems. it is a fully selfish wish jdjfhd#chat#sb#technoblade
11 notes
Text
got this advertisement on a different website and
girl what the hell
12 notes
Text
my biggest pet peeve is when i get into a video game fandom and discover that the entire fandom is made up of people who have never touched a video game before this one
#like. yeah of course that character model is out of bounds there#the animation shows the whole model coming out of the wall#do you assume they animated a custom cutscene where they built just the arm and then generated the rest of the model as he came through the#portal ???? do you not realize how much work that would take ?????#you people are downloading mods so you can see the faces of characters out of frame#but the concept of a character model and real time cutscenes and boundary boxes are completely foreign to you???#you downloaded the free cam mod !!! and got it working for a game with no native modding api !!!#i know you people aren’t complete idiots#let’s exercise some common sense.
3 notes
Text
What Is Server-Side Scripting? A Beginner’s Guide to Dynamic Websites
Learn how server-side scripting powers dynamic websites by handling requests and delivering personalized content. Explore its role in web development without the technical jargon.
0 notes
Text
We all know they both have different strengths and ideal use cases, but which do you generally prefer to use in your own projects, REST or GraphQL?
11 notes
Text
What is Monolithic Architecture?
Monolithic architecture is an approach to software development in which an application is built as a single, self-contained unit. In this architecture, all application components are tightly coupled and run within the same process. This means that the entire application is deployed as a single package, and all changes to the application require the application to be rebuilt and redeployed.
In the above example, we can see that all services are created in a single application and they are tightly coupled with each other. Even when functionalities are created in separate classes, they are integrated into the main class. If a change is made in one class, we have to test all functionality. The bigger issue is that if any class has an issue, it will impact all functionality. For example, if the discount service has an issue, it will impact the complete order process.
Check out this post for the Advantages and Disadvantages of Monolithic Architecture.
#development#rest api#salesforce#salesforcecodex#salesforce development services#salesforce development company
2 notes
Text
JavaScript code to integrate with an external API
Let’s start with simple HTML code and save it as .html file. <!DOCTYPE html> <html> <head> <title>API Integration</title> <link rel="stylesheet" type="text/css" href="styles.css"> </head> <body> <button id="fetch-data-button">Fetch Data</button> <div id="data-container"></div> <script src="app.js"></script> </body> </html> This HTML code creates a button element with the id…
6 notes
Text
oh okay
#if anyone asks me to troubleshoot this i will just spontaneously go live in a forest for the rest of my life#tumblr api#polls#it's a poll!
155K notes