by perttir 2507 days ago
I contacted a similar Finnish-based application about similar issues, where almost everything, including all the user images, could have been collected from the JSON API endpoint.

Their response was that it is not a bad or insecure system because the information is only available to logged-in users. So the API just needs an authentication header.

So all the user data could have been easily collected into one's own database using a simple script.