简体繁体 English

如何判断HTTP API请求是否来自iPad

[英]How to determine whether HTTP API request came from iPad

原文 2011-07-13 21:53:39 9 1 ios/ ipad/ api/ http/ authentication

We're developing an HTTP API for an iPad app, and we're thinking of only allowing the API to be accessed via an HTTP request that came from an iPad. We're developing an HTTP API for an iPad app, and we're thinking of only allowing the API to be accessed via an HTTP request that came from an iPad.

I'm not thinking of something like the User-Agent, because that can easily be forged, but more like some kind of authentication scheme that ties in with the App Store?我没有想到像 User-Agent 这样的东西，因为它很容易被伪造，但更像是某种与 App Store 相关的身份验证方案？ Maybe the App Store signs each app with some kind of private key, and then you could insert that signature as a query parameter or header in the request and check on the server side whether the signature is from a legit iPad.也许 App Store 使用某种私钥对每个应用程序进行签名，然后您可以将该签名作为查询参数或 header 插入请求中，并在服务器端检查签名是否来自合法的 iPad。

Is something like this possible or even a good idea?这样的事情可能，甚至是一个好主意吗？

1 个解决方案

If you control both the iPad app and the server app, you should be able to use PKI to validate that a request came from a legitimate app.如果您同时控制 iPad 应用程序和服务器应用程序，您应该能够使用 PKI 来验证请求是否来自合法应用程序。 Embed the public key in the app itself, use it to encrypt a value you put in a header field, and then use the private key on the server to decrypt and validate the received header value.将公钥嵌入应用程序本身，使用它来加密您放入 header 字段的值，然后使用服务器上的私钥解密并验证收到的 header 值。

确定应用启动是否来自AdMob点击 - Determine whether an app launch came from an AdMob click

UILocalNotification - 如何发现用户操作是否来自通知中心？ - UILocalNotification - How to discover whether user action came from notification center?

如何确定当前设备是iPhone还是iPad？ - How do I determine whether the current device is an iPhone or iPad?

如何知道请求是否来自缓存？ - How to know If the request came from Cache or not using AFNetworking

确定对象来自哪个词典 - Determine which dictionary an object came from

如何确定当前连接的wifi在iPhone或iPad中是否安全 - How do I determine whether curreltly connected wifi is secure or not in iPhone or iPad

如何通过HTTP标头使用基本身份验证从ipad应用程序调用Web api服务？ - how to call web api service from ipad application using basic authentication through http headers?

验证/签署对我的 API 的请求来自我的应用程序并且没有被欺骗（React Native） - Verifying/signing that a request to my API came from my app and was not spoofed (React Native)

如何通过api从iOS应用程序发出http请求 - How to make an http request from an iOS app through api

如何确定图像是从库中还是从相机中获取的 - How to determine whether an image was taken from the library or from the camera

暂无

暂无

声明:本站的技术帖子网页，遵循CC BY-SA 4.0协议，如果您需要转载，请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 确定应用启动是否来自AdMob点击 - Determine whether an app launch came from an AdMob click UILocalNotification - 如何发现用户操作是否来自通知中心？ - UILocalNotification - How to discover whether user action came from notification center? 如何确定当前设备是iPhone还是iPad？ - How do I determine whether the current device is an iPhone or iPad? 如何知道请求是否来自缓存？ - How to know If the request came from Cache or not using AFNetworking 确定对象来自哪个词典 - Determine which dictionary an object came from 如何确定当前连接的wifi在iPhone或iPad中是否安全 - How do I determine whether curreltly connected wifi is secure or not in iPhone or iPad 如何通过HTTP标头使用基本身份验证从ipad应用程序调用Web api服务？ - how to call web api service from ipad application using basic authentication through http headers? 验证/签署对我的 API 的请求来自我的应用程序并且没有被欺骗（React Native） - Verifying/signing that a request to my API came from my app and was not spoofed (React Native) 如何通过api从iOS应用程序发出http请求 - How to make an http request from an iOS app through api 如何确定图像是从库中还是从相机中获取的 - How to determine whether an image was taken from the library or from the camera

相关标签

粤ICP备18138465号 © 2020-2024 STACKOOM.COM