php soap标头加密了吗?
[英]Is php soap header encrypted?
问题描述
I've made a soap call using our own php api. 
我用自己的php api拨打了肥皂。 The soap call requires us to send username/password in the soap header, and they only use http, no https. soap调用要求我们在soap标头中发送用户名/密码,它们只使用http,而不是https。
Does this mean that without changes i would send our header info in cleartext, free for anyone to dump? 这是否意味着如果没有更改,我会以明文形式发送我们的标题信息,任何人都可以免费转储? Or is it encrypted by php itself? 或者它是由PHP本身加密的?
1 个解决方案
解决方案1
0 2016-11-29 14:21:42
Yes, using http, the entire contents of the request will be in plaintext, including the SOAP headers. 是的,使用http,请求的全部内容将以纯文本形式显示,包括SOAP标头。 You need to use https to make it secure. 您需要使用https来确保安全。
SOAP requests are just normal http requests, with a XML structure in the body. SOAP请求只是普通的http请求,正文中有XML结构。 It's easily viewable by anyone inspecting the traffic. 任何检查交通的人都可以轻松查看。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.