Reputation: 24688
Obfusticate AJAX JSON data
I'm making a webapp that uses AJAX to retrieve some JSON data created by a PHP file on my server. There is no authentication involved, therefore there is no definitive way to stop someone else from calling the PHP file and using my data on their site.
I would at least like to obfusticate the JSON data in some way in order to stop casual & opportunist theft of my resources by non-expert programmers. What would be the best practices for obfusticating JSON data?
Upvotes: 0
Views: 242
Answers (2)
Reputation: 4914
Since it's pretty trivial to find a good JSON parser, which, as long as your JSON was valid, would neatly extract the correct information from your JSON, I think it's going to be quite hard to get much security out of obfuscation.
If you really wanted to go with this, perhaps the best bet is to litter your JSON with data that is modelled to look relevant, but is in fact just junk/random data. At least this way it might make it harder for someone to make out what the meaningful data is, amongst all the 'noise' that you introduce.
Again, for meaningful security you really need something more traditional (authentication + encryption, really), but if you're constrained in not being able to do so, then this may be the best 'poor mans security' option.
Upvotes: 1
Reputation:
There are any number of ways you can make your data more inconvenient to consume, but this doesn't really help you in terms of security. You should implement some sort of authentication token.
Upvotes: 0
Related Questions
- Obfuscate values in JSON string using Regex
- Securing/Obfuscating JavaScript API requests
- Obfuscating AJAX POST
- How can I obfuscate a string in JavaScript?
- Obfuscation: JS protection
- Javascript obfuscate AJAX code
- Obfuscating the javascript but with passing in one data?
- Protecting JSON in Javascript?
- How do obfuscate JSON response when dealing with a DB query?
- Encoding / obfuscate a javascript object