System Information
- Strapi Version: 4.8.2
- Operating System: win 11
- Database: Postgress
- Node Version: v16.18.1
- NPM Version: 8.19.2
- Yarn Version:
How do I prevent private data from appearing in response objects when using populate=*
Yes, it is.
If I do a query with populate, it shows fields marked as private.
Isn’t that a bad thing?
Yes you should always senatize everyting before putting it out you would have to senatize the input and the output
1 Like
I think a user’s password should never be stored anyway, why is there no salt/hash being used?
Look at the screenshot a salt and hash are both being used.