web-security

Drew Verlee 2020-08-08T18:32:27.011300Z

Your treating the uuid like a password. So the same principles apply. E.g is it a get request? Are query params encoded so middle men can't get them? @lgessler

👍 1
Drew Verlee 2020-08-08T18:33:37.013100Z

Di your users understand they can't give out the uuid? Imo it's a coupling that buys you little and costs you much.