Make my request only available for my Client
Question
I created an application that needs information from my website. But I don't want this information to be accessible by any other way. My client-sided app has to be the only entity that can get this information. How can I achieve that?
After some research, I have found these solutions, but I am not sure which approach is the best?
- Custom user agent
- Password is the request
- httpassword, but how to handle it in Java?
2 answers
solution1
0 2017-07-15 13:23:51
If someone want to get this information outside of your app, there is no way to prevent it, if the person really want get it. They can just decompile your code and analyse the function. This should be clear .
But for preventing it for normal people, you can use a robots.txt, user agent, custom HTTP Headers and other things you mentioned. Just an encryption could be helpful too.
I would suggest a private subdomain, combined with API keys (per HTTP Headers) and an encryption.
solution2
0 2017-07-16 09:44:41
您可以从网站上将应用程序的IP地址列入白名单。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.