Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
Nick2017-03-22 18:21:32
JavaScript
Nick, 2017-03-22 18:21:32

How to secure js api?

There are several independent sites that receive content through an ajax request (after page loading or user action) to the provider server.

There is some way to protect yourself from connections from other sites or directly. If in php, then it’s clear that everything happens on the server and the user cannot spy on the data.

The only thing that came to my mind was to use Ajax to first contact the localhost, and from there the script to the remote server, but this complicates the logic.

But what about pure js, are there any verification options?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
Anton, 2017-03-22
@pekc83

CSRF tokens that are generated on the "provider server". When a page is requested by a client, claim the token and attach it to the response to the client. AJAX requests are made using this token.

Report
M
Max, 2017-03-22
@7workers

https://en.wikipedia.org/wiki/Cross-origin_resource...
not 100%, but still protection

Similar questions
T
Timofey2015-04-01 11:13:34
sails.js impressions? 5Reply
Y
Yrets1692021-03-22 15:59:27
How to properly pull from two mysql tables? 3Reply
T
The Dragger2015-04-03 11:25:21
Which image upload for Yii would you recommend? 4Reply
I
ildar-meyker2022-01-20 18:30:09
Who has a Macbook Air and what are the temperatures? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question