Replies: 1 comment 9 replies
-
|
How should client and server share encryption information? |
Beta Was this translation helpful? Give feedback.
-
|
Uhm..How to? |
Beta Was this translation helpful? Give feedback.
-
|
Opening the Browser Developer Console and inspecting the network traffic. It is just an header. |
Beta Was this translation helpful? Give feedback.
-
|
Yes, I know...but I don't understand how to complicate the life of a "bad person" using api-key. |
Beta Was this translation helpful? Give feedback.
-
|
You can for example use CORS to restrict what browser application can access the server. For more information, take a look to this post: https://stackoverflow.com/a/59526306/1728189. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks...I'll try to add CORS with "origin: https://www.sito.it" plus apikey. I'll inform you. PS: Do you maintain this repo? |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Api Key: Add encrypt/decript the key server side to protect the real api key. The client pass the key ( encrypted ). The server decrypt the key and then follow the rest.
Beta Was this translation helpful? Give feedback.
All reactions