Reputation: 243
Angular 4 - Encrypt data (AES) from angular and sent it
What do you think about the vulnerability in Angular 4 ? Because it's in the client.
I would like to encrypt a data with a key (Javascript AES) and send it to my API. After this, I will decrypt the data in my api.
Do you think it's a vulnerability?
Thank you
Upvotes: 2
Views: 6992
Answers (1)
Reputation: 3263
Firstly, to clarify. Using HTTP(S) already encrypts your data. Use an application such as WireShark to confirm this. Using HTTP (not HTTPS) is not advised as the payload can be read in the network as plain text.
If you still need further encryption (I would question why).
Secondly it depends where you are storing your data (I am assuming it is sensitive). If you are storing anything in the browser (Local Storage), then I strongly advise against this as it's not secure. The reason for this is because anyone could read such data using:
var yourSensitiveData = localStorage.getItem("your-data");
If you are saving data to Session Storage, then this is safe if implemented correctly because the data is only accessible between the client and server in which the session runs.
Hope this helps.
Upvotes: 1
Related Questions
- How to Encrypt and Decrypt in Angular 6
- Encrypting in Angular and decrypting on C# (.NET)
- Encrypting in Angular and Decrypt on C#
- Decrypting with crypto-js
- AES 128 Encryption in Angular 4 and decryption in Java
- How to encrypt and decrypt json data in angular 8
- Decrypt incoming response angular 9
- failed to do AES encryption in angular5
- Encryption in Typescript ( Angular ) and Decryption in Java
- Encrypt data on angular decrypt on Nodejs