Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
Dmitry Gavrilenko2017-05-06 16:39:16
API
Dmitry Gavrilenko, 2017-05-06 16:39:16

How to secure WebAPI from unnecessary actions?

Welcome.
There is an idea for a project that needs to be implemented. Public site-service with its clients (users).
I want to implement it on Angular2 + WebAPI. But here's the problem. The service is not that top secret, but you need to somehow secure the database from unnecessary actions that can be performed by people who can open the developer console in the browser and know about the Network tab.
What are some good ways to avoid exposing all requests to WebAPI or blocking the execution of an action on the server side, if this action should not be performed, logically? Binding to the keys disappears - the site will somehow access the WebAPI, which means it will merge the key in the console. Cookies and sessions are also in the trash, because creating an account in the service and stealing lines from the console is no more difficult than finding the key in the request.
What do colleagues say?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
A
arti_djeims2015-09-17 00:28:17
How to make comments from facebook in real time? 1Reply
F
frigolov2015-09-17 22:12:55
Which application is emulated in instagram delayed posting services - android or ios? 3Reply
M
mrprsdt2017-08-23 10:36:22
How to combine multiple systems into a single API? 3Reply
Y
Yuriy2017-08-23 14:46:41
SprosiKupi API how to get a list of product reviews by id in JSON? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question