Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
Max Khrichtchatyi2014-07-06 13:41:36
API
Max Khrichtchatyi, 2014-07-06 13:41:36

How to implement controlled API access from a JS & HTML application?

To begin with, there is an API with authorization checks, tokens and other parsley.
There is also a desktop and mobile application written on cross-platform frameworks like PhoneGap, these applications interact with our API (https). The problem is that such applications are very easy to tear apart and look at the logic of working with the API. How to make sure that only our applications can work with our API?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
Sergey, 2014-07-06
@j0shu4b0y

No way. You can try to enter something like RSA with keys for the application, and exchange some kind of signature in the headers, etc. As for "tearing" - any sniffer will show you how to communicate with a third-party apishka.

Similar questions
A
Artur Lastname2019-11-22 08:32:03
How to disable all OTHER handlers on a js/bitrix element? 3Reply
A
Alexander Nikolaevich2017-06-25 15:01:39
Where is the navmenu-v element? 1Reply
G
GaserV2017-03-29 22:56:47
API for a small resource? 3Reply
L
Lev Kekish2015-03-28 12:01:15
How to remove yandex maps API external controls? 1Reply
Q
qovalenko2017-03-30 20:07:33
How to implement a blog on the medium.com platform? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question