Replies: 1 comment 9 replies
-
|
How should client and server share encryption information? |
Beta Was this translation helpful? Give feedback.
-
|
Uhm..How to? |
Beta Was this translation helpful? Give feedback.
-
|
Opening the Browser Developer Console and inspecting the network traffic. It is just an header. |
Beta Was this translation helpful? Give feedback.
-
|
Yes, I know...but I don't understand how to complicate the life of a "bad person" using api-key. |
Beta Was this translation helpful? Give feedback.
-
|
You can for example use CORS to restrict what browser application can access the server. For more information, take a look to this post: https://stackoverflow.com/a/59526306/1728189. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks...I'll try to add CORS with "origin: https://www.sito.it" plus apikey. I'll inform you. PS: Do you maintain this repo? |
Beta Was this translation helpful? Give feedback.
-
Api Key: Add encrypt/decript the key server side to protect the real api key. The client pass the key ( encrypted ). The server decrypt the key and then follow the rest.
Beta Was this translation helpful? Give feedback.
All reactions