Reputation: 2787
Access restriction of WEB API service call based on request
When we access the WEB API service methods from a web application through Ajax calls, will there be any access restrictions for the following scenarios
“HTTPS” Web application accessing an “HTTP” WEB-API
“HTTP” Web application accessing an “HTTPS” WEB-API
Will there be any impact on request application or context, either it Http or Https the web API will behave same.
Please advice.
Upvotes: 1
Views: 205
Answers (1)
Reputation: 462
When you trying to access the "HTTP" Api or any service from the HTTPS or SSL enabled client, then the security itself is compromised.
SSL certificate is enable to maintain the higher level of security, in any HTTPS enabled client, when you access the Non SSL or HTTP ApI then you have to specify the Transport layer explicitly to allow the process of data [example IOS client - Application Transport]
Even if you have requirement to access the HTTP API, please go through this reference.
Make Https call using HttpClient
Upvotes: 1
Related Questions
- javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake during web service communicaiton
- How can I verify a Google authentication API access token?
- Response to preflight request doesn't pass access control check - No 'Access-Control-Allow-Origin' header
- Maximum length of HTTP GET request
- JavaScript/jQuery to download file via POST with JSON data
- How to manage a redirect request after a jQuery Ajax call
- Restful API service
- AngularJS $http and $resource
- Understanding REST: Verbs, error codes, and authentication