Description
New Feature / Enhancement Checklist
- I am not disclosing a vulnerability.
- I am not just asking a question.
- I have searched through existing issues.
Current Limitation
The REST client integrated in parse (npm module) works fine but it's not possible to override what goes in and out of it and as such, the exchanges are way too easy for a hostile client using F12 in his browser to read, replay and exploit using simple software such as Postman or even JSBin
Feature / Enhancement Description
In Parse.Coremanager there should be a way to introduce a simple function before sending requests and before returning them.
Essentially, we would have 2 modifier functions that takes in and returns those data structures:
"RESTSenderOverride"
{
url,
method,
headers,
payload
}
"RESTReceiverOverride"
{
status,
headers,
response
}
Example Use Case
The best usecase would be encryption + obfuscation by implementing e2ee on the exchanges themselves by running the payload, url and response through an encryption algorithm like AES and using those same encryption algorithms on the server side using express.use
Alternatives / Workarounds
Using the REST api directly but very impractical to implement for large web apps
Maybe Parse.CoreManager.RestController?? I have found no documentation about it