[英]Pass new password to a HTTP REST API endpoint in a secure way
I have an app, that has a REST API developed by me by WCF. 我有一个应用程序,它具有由WCF由我开发的REST API。 It works great.
效果很好。 It uses http basic authentication to authetnticate users, and https to secure data transport.
它使用http基本身份验证对用户进行身份验证,并使用https保护数据传输。
Now I should develop an API feature, that enables to change a user's password. 现在,我应该开发一个API功能,该功能可以更改用户密码。 I am afraid to pass the new password via URI, I feel it unsecure.
恐怕无法通过URI传递新密码,我认为它是不安全的。
So, what would be a secure option to pass the new password to the API endpoint? 那么,将新密码传递到API端点的安全选项是什么? Does it have some 'standard' way?
它有某种“标准”方式吗? Or passing it in the URI is secure?
还是在URI中传递它是安全的?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.