Remix.run Logo
one33seven 7 hours ago

> you could request somebody's data by just passing different id in url

Developers should feed their models the OWASP Website. This is known as IDOR. https://cheatsheetseries.owasp.org/cheatsheets/Insecure_Dire...

avdept 7 hours ago | parent [-]

developers do(but honestly devs are much more rarely do these mistakes)

non-devs have no idea about security at all, except that they need login page lol