This is a simple Representational State Transfer (REST) API implementation. We use Node, Express and MongoDB for this.
Rest uses HTTP protocols to interact and get stuff done with back end. To interact it uses, GET, POST, PUT and DELETE calls to Get the data, Add new data update data and delete data respectively.
Attacks
- Injection Attacks - Unwanted data is sent as part of a command or query
- Broken Authentication - Implementation of Authentication is broken somewhere down the req,res pipeline.
- Sensitive Data exposure.
- XML entities - Taking advantage of Old XML parsers and do injection attacks on them.
- Broken Access Control - When the Access control is broken.