Background

TronGrid provides all full-node HTTP APIs, and it also provides its proprietary user-friendly extension API. The latest version of TronGrid's proprietary API is v1.

The TronGrid API service offers low latency, high consistency, high availability and partition fault tolerance. It is available for mainnet, the Shasta testnet and the Nile testnet, so please choose the appropriate network according to your needs before using it.

Although TRON has avoided XSS by setting the Content-Type of HTTP APIs to application/json, there are a few APIs that don't have input validation. To better protect user data security, we recommend that you correctly encode any data from the APIs before you use it in any UI, especially when the parameter "visible = true" is set by default.

Here is a typical XSS protection method: Encode all data from the APIs in HTML. Use methods such as encodeURIComponent() or escape() to encode the data, which can convert special characters into their HTML entities and prevent them from being interpreted as HTML code by the browser.

Please be sure to implement XSS protection for all data from the APIs to ensure the security of user data. We understand that you may need more information about XSS protection. It is recommended that you refer to the following resources: OWASP XSS Prevention Cheat Sheet.
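The encoding step described above, as an added example that is not TronGrid's own code: string fields from an API response are HTML-entity-encoded before being placed in markup. Note that `encodeURIComponent()` percent-encodes for URL contexts and does not produce HTML entities, so it is used here only for the query-string part of a link. The record fields, the `/token` path and the function names are assumptions made for illustration.

```javascript
// Characters that must become entities in HTML text and quoted attributes.
const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// HTML context: turn markup-significant characters into entities.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Hypothetical renderer: builds one table row from one API record.
function renderTokenRow(token) {
  // URL context first: percent-encode the value that goes into the query
  // string. Then entity-encode the whole attribute value for the HTML context.
  const href = escapeHtml('/token?name=' + encodeURIComponent(token.name));
  return '<tr><td><a href="' + href + '">' + escapeHtml(token.name) +
    '</a></td><td>' + escapeHtml(token.abbr) + '</td></tr>';
}

function renderTable(tokens) {
  return '<table>' + tokens.map(renderTokenRow).join('') + '</table>';
}

// Constructed sample records (not real API output). With readable string
// output, a field can carry any text a third party chose, including markup.
const sampleTokens = [
  { name: 'TestToken', abbr: 'TT' },
  { name: '<img src=x onerror=alert(1)>', abbr: 'A&B "x"' },
];

// The second record is rendered as inert text, not as an <img> element.
console.log(renderTable(sampleTokens));

// Percent-encoding is not entity encoding: this prints %3Cb%3E, not &lt;b&gt;.
console.log(encodeURIComponent('<b>'));
```

When the target is a DOM node rather than an HTML string, assigning the value to `textContent` avoids building markup from API data at all.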

To ensure the reasonable allocation of requested resources, every API request needs to carry the API Key parameter; requests without an API Key will be severely limited or not answered at all. For details, please refer to the API Key chapter.
