How server actions are securised ?
Unanswered
Maxence Rose posted this in #help-forum
Hello,
I search if server actions are securised or not ? If I use Postman, and I use the URL to call the server action, I can GET or POST data for this server action ?
I search if server actions are securised or not ? If I use Postman, and I use the URL to call the server action, I can GET or POST data for this server action ?
22 Replies
Yep. It’s up to you to secure them just like an app route.
use cloudflare or any security method u desire
example captchas
Hello. All my routes are server actions. I don’t use API Get or Post
And I want to know if server actions are sécurised.
Sorry for my bad English haha
@Maxence Rose Hello. All my routes are server actions. I don’t use API Get or Post
server action is a POST request
u can replicate that in postman
I find server actions are bad because if I want upload file I must use FormData and I don’t know how to use wrapper to standardise server actions params
I’m lost
I will transform all my server actions in route handler I think
i wouldnt use server actions tbh
I’ve around 100 server actions 😅
holy
Thanks for helping
np
Sun bear
But server actions are way easier to handle in terms of typesafty right? Dont you have to declare the response type for every router handler?
Southeastern blueberry bee
i think that you can rely on middleware for the security part
@Sun bear But server actions are way easier to handle in terms of typesafty right? Dont you have to declare the response type for every router handler?
Yes, but you can us trpc for typesafety. Server actions are meant for mutations only. Im just telling you what the standard is... lol I use server actions for more than that but its not its purpose.