[英]client-side storage of private key
I know that we're not supposed to "trust" the client because JavaScript is an interpreted language and it is trivial to inspect variables, even with code obfuscation and uglifying. 我知道我们不应该“信任”客户端,因为JavaScript是一种解释型语言,即使使用代码混淆和丑化,检查变量也是微不足道的。
Still, I wanted to ask the following : 不过,我想问下列问题:
thanks 谢谢
Follow-up : even if the client can find the variable, is it possible to detect tampering of the variable? 跟进:即使客户端可以找到变量,是否可以检测到变量的篡改? ie some polling between the client/server such that if the client event loop doesn't respond periodically every X seconds then the server considers the client compromised?
即在客户端/服务器之间进行一些轮询,这样如果客户端事件循环每隔X秒没有定期响应,那么服务器会认为客户端受到了损害?
如果客户端拥有它,客户端可以找到它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.