Restricting GET requests only from whitelisted domains
Options
Hello there, I’m using Webflow as my front end. There are instances where I need to retrieve information stored in my Xano database via a GET request (using vanilla javascript) and then display them on the front end.
Now my question is - is it possible for Xano to only respond to requests made from my site? This is because anyone who opens up their developer tools in their browser will be able to see my Xano end point and can potentially abuse that end point and I would like to avoid that by ignoring all API requests that are not made from my domain.
Appreciate your guidance on this. Thanks! 🙏🏼🙏🏼🙏🏼
Now my question is - is it possible for Xano to only respond to requests made from my site? This is because anyone who opens up their developer tools in their browser will be able to see my Xano end point and can potentially abuse that end point and I would like to avoid that by ignoring all API requests that are not made from my domain.
Appreciate your guidance on this. Thanks! 🙏🏼🙏🏼🙏🏼
Comments
-
Xano gives you access to different environment variables of your request:
[CleanShot 2022-04-19 at 15.44.53.png]You can combine these with preconditions to enforce something must be true in order for your endpoints to run. -
Ah that’s exactly what I’m looking for. Thanks so much Michael!
Categories
- All Categories
- 53 ? Announcements
- 47 ? Releases
- 37 ? Welcome
- 983 ? Help! I'm a Noob
- 125 ? No-Code Front-Ends
- 633 ? Working with APIs
- 439 ? Transforming data
- 126 ? Connect Xano to ...
- 50 ?? Find an Expert
- 348 ❓Other questions
- 35 ? Security
- 22 ✂️ Snippets
- 19 ? Showcase
- 7 ?️ Xano Chatter
- 62 ? Video Tutorials
- 171 ? Request a feature
- 229 ? Report a Bug
- 19 ? Templates & Extensions
- 7 ? Feedback