1

Using Express with React on the front end, and want to hide the request payload, but couldn't figured it out how to do it. it looks like the below image

enter image description here

backend code sample:

router.post('/fit_spend', (req, res) => {
  const {avg_unit_price,
  brand,
  budget,
  isDev,
  path,
  period,
  showEnv}= req.body;
  
  
  ...
})

any help please?

webcoder
  • 1,331
  • 1
  • 9
  • 27
  • I don't think you can, unless you use some sort of client-side encryption algorithm to obscure those values. Ideally if there is stuff that you want to hide from the client, then it should be all kept in the server. – theJuls Jan 13 '21 at 01:38
  • Here is a more detailed response to a similar question: https://stackoverflow.com/questions/53630002/angular-5-is-there-way-hide-api-call-or-make-it-private – theJuls Jan 13 '21 at 01:40
  • 1
    I have seen in many websites it is hidden but couldn't figure out are they doing it in the backend or frontend, and how they do it – webcoder Jan 13 '21 at 01:50
  • what do you mean by hidden? Such as an empty payload? Explicitly stated something is hidden? I am genuinely curious since as far as I know whatever you do on the client will somehow or another be available to be accessed through client dev tools. – theJuls Jan 13 '21 at 01:53
  • You can't This data originates in the browser, which is not in your control. – Joe Jan 13 '21 at 02:09

1 Answers1

0

I can't make comments yet, but I think the best way to handle this is to make sure a user is logged in and make your call a protected route. As other users have said, you can't control the client side of things.

wjpayne83
  • 192
  • 1
  • 11