Reputation: 577
Encripting the data between web-application and the server
I'd like to avoid of using of the API by anybody except my web-application.
I could encrypt the data sending to server via post requests and decrypt the responses of the API's server. But hacker can dig into the web-page code and simulate the web-page behavior and make harm to the server (for example by spamming one).
I could uglyfy JS code but can I consider that it is enough for applications not as secured as bank? Probably I missed any easy and beautiful solution?
Upvotes: 1
Views: 63
Answers (1)
Reputation: 34093
But hacker can dig into the web-page code and simulate the web-page behavior and make harm to the server (for example by spamming one).
This is an unavoidable truth about client-server applications!
You cannot prevent a dedicated reverse engineers from simulating your client-side application. It's a fool's errand to try.
Instead, architect your products to ensure server-side data maintains its integrity even if the client-side application is inauthentic.
Upvotes: 1
Related Questions
- JS Encryption w/ HTML
- How to encrypt data in javascript and decrypt in php?
- jQuery Encrypte Data
- Encrypting data before it gets to the server
- javascript encryption with web requests
- Sending and receiving encrypted data from a javascript app
- Encrypting data in Javascript
- Encryption/Decryption between PHP and Javascript
- Javascript and PHP Encryption/Decryption
- javascript encryption?