A problem: am spending a lot of time now designing my stuff reasonably hacker proof. Example: (hotel reservation system) If a site user (a possible guest) lists availability and pricing for a certain amount of days,and then clicks a row to make a reservation, I do not rely on front-end info to make the reservation: that tab might have been open for 10 days and in the mean time, pricing and availability might have changed, so I recalc/recheck. But …: my system (like many other reservation systems) does not rely on a “member” (you do not have to become a member first to see pricing). So, in order to prevent that a shrewd competitor writes a small script to see how the competition is doing (availability, pricing), I would like to be able to white-list request from an incoming IP-address in the backend, like Google does. But there is no referrer at the backend, referrer is a wix-window property (and you cannot send it along with the request to backend, it could have been manipulated). Does any of you have a solution for this problem?
An ugly (but maybe possible) solution:
Create an http-function and use it to insert to the collection.
And use the IP:
https://www.wix.com/corvid/reference/wix-http-functions/wixhttpfunctionrequest/ip
Can that work for you?
Yes, I thought about that too. It kind of blurs the difference between making a frontend call to a .jsw file and http-get/put to a http-function. Will try it out, thanks.