We've retired the forum in favor of GitHub Discussions.

New conversations can be started on GitHub. Existing conversations will remain for a while longer.

Head over to GitHub →

Adding security to add-on

Erin Dalzell January 4, 2015 by Erin Dalzell

I've created an add-on so I can post to my blog from phone and I've just realized it has no security at all, w which means anyone could have posted to my blog! (I've taken it down now of course).

Options (if there are others, please let me know):

  1. send Statamic user account in URL request (I use HTTPS but if others don't then it's in plaintext)
  2. use authorization token in the add-on config file

Are there other options? I don't have the ability to set Headers or anything in the HTTP request.

Answered by Erin Dalzell!
>>>>>>> Answered <<<<<<<
5 Replies