Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
deleted-mezhevikin2015-04-19 18:51:29
Objective-C
deleted-mezhevikin, 2015-04-19 18:51:29

How to protect api from interception?

There is an application on ios (objective-c) and a server part on laravel 5 (php).
How to implement api protection from interception through sniffers?
As far as I understand, you need to sign the request on the client and check it on the server.
I would be grateful for any links-tutorials on this topic.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
K
Konstantin, 2015-04-20
@unity_ultra_hardcore

To protect yourself from sniffers, just switch to HTTPS.
To restrict unofficial clients, the request can be signed. Usually, the request is unambiguously serialized in some way, hashed on the client with a known salt in advance, and passed this hash in the request. This salt is also known to the server and it repeats these actions, after which it compares the received one with the one sent by the client.
But this is all nonsense: if you have the desire and physical access to a jailbroken iPhone, the signature generation algorithm can be picked out of the application in a reasonable time.

Report
X
xmoonlight, 2015-04-19
@xmoonlight

CRAM-MD5

Similar questions
B
Bullstreak2014-08-23 19:57:34
What is the difference between weak and strong? 2Reply
P
Petrushka2016-09-08 20:39:39
How to write for an MVP? 3Reply
M
Max Onflic2014-09-08 00:30:46
Modal View Controller, what is it and what is it eaten with? 2Reply
L
Lorem Ipsum2014-09-18 17:16:40
How to return one element of an array objective-c ? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question