|
|
|
|
|
|
by namsral
4219 days ago
|
|
|
To answer your first two questions: 1. TLS is the successor to SSL; setup your webserver with a certificate and redirect web traffic from HTTP to HTTPS. 2. UUIDs have some advantages over database primary keys; they are hard to guess; they can be generated on multiple machines without duplication. You could extend your current table with an extra column called public_id. |
|
|
The original post [advises against this][1]:
> Redirects are discouraged since they allow sloppy/bad client behaviour without providing any clear gain. Clients that rely on redirects double up on server traffic and render TLS useless since sensitive data will already have been exposed during the first call.
[1]: https://github.com/interagent/http-api-design#require-tls