I wish to retailer some GDPR associated knowledge within the database for visitor or registered customers when consent is given.
My query is relating to security precautions I ought to take.
The thought is that when consumer performs some actions, an ajax request might be executed to the backend to retailer the info. What I wish to do presently is forestall injections and spamming.
For injections I can move the info sanitized after which sanitize once more in PHP so it should not trigger any points.
Nonetheless for spamming I am unsure learn how to method this. For instance I wish to keep away from a malicious consumer spamming requests to the ajax url and filling me with junk knowledge. I could not discover something associated within the devdocs relating to safety measures when utilizing uicomponents for instance.
Additionally I wish to know what different issues there are that I must be awaiting and plan accordingly.