Enhancing Database Functionality and File Security for Web Development
In this meeting, George and the State Changers discuss a few topics.
First, they discuss dynamically updating the query for aggregate data based on the current calendar year. George suggests storing the year as a field in the table to make the query more efficient and recommends using timestamp formatting to get the current year dynamically.
Next, they talk about using Uploadcare for file management. They mention that files stored in Xano are public and recommend using a more secure option like Uploadcare. They discuss the possibility of storing the files in Uploadcare and storing the ID in Xano, and mention the need for manual deletion of files in Xano.
They also touch on the limitations of Xano's file system, including the inability to rename or delete files. George suggests manually uploading files to Uploadcare, getting a signed URL, and then referencing the URL in Xano when needed.
The State Changers express concerns about security and request information on any other security considerations. George mentions that the file storage in Xano is not mature and may not be the best option for security. He recommends using external file management systems for better security.
Lastly, they briefly touch on snippets in Xano, cautioning that snippets require distributing an API endpoint, potentially opening a security vulnerability.
The meeting ends with George offering to introduce the State Changers to a penetration tester for cybersecurity purposes and recommending a educational resource called TriHackMe for better understanding of security.
Overall, the meeting covers topics related to query optimization, file management, and security considerations in Xano.