[英]How to attach key/value parameters to the header of a HTTP GET request?
Is there any way to supply key/value parameters of my choice in the headers of a GET request? 有什么方法可以在GET请求的标头中提供我选择的键/值参数吗?
Or should I use a POST request for that - even if my request is purely about retrieving information? 还是应该为此使用POST请求-即使我的请求纯粹是关于检索信息的?
Background: I have a RESTful API that requires a key
parameter. 背景:我有一个需要
key
参数的RESTful API。 I want to use this API as the back-end for a JavaScript application on the same domain. 我想将此API用作同一域上JavaScript应用程序的后端。 However, I don't want users of the web app to be able to see and steal the
key
parameter, which they would if the key
parameter was supplied as a GET parameter. 但是,我不希望Web应用程序的用户能够看到和窃取
key
参数,如果key
参数是作为GET参数提供的,则他们会看到并窃取。
I think since my site is served over HTTPS, if I put the key
parameter in the header, it will be invisible to the web app user, and that gets around my problem. 我认为,由于我的网站是通过HTTPS服务的,因此,如果将
key
参数放在标题中,则Web应用程序用户将看不见它,这可以解决我的问题。
invisible is probably not possible.. 隐形是不可能的。
you can do this in Three ways. 您可以通过三种方式做到这一点。
Either you use Salt and hash for generating random key using sha256/512 and some random secret key in your app and pass through GET request. 您可以使用Salt和hash来使用sha256 / 512和应用程序中的一些随机密钥生成随机密钥,然后传递GET请求。
or can use POST request for same.(easiest method). 或可以使用相同的POST请求。(最简单的方法)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.