Consume hosted asmx in a secure way
Question
I am using the third party payment gateway in my app. The payment gateway providers gave test asmx HTTPS URL for the integration and it has some methods. Using the HttpWebRequest I integrated to my app. I am sending SOAPRequest and I got the SOAPReponse .
How do I ensure data that I am sending is secure? How do I avoid a man in the middle attack? Is this the right way to do it?
1 answers
solution1
1 2019-04-24 14:22:03
Most of the times, one can assume that, if you are making your web-service calls inside a controlled environment where you can trust . You can assume that your connection is safe if you are using HTTPS . However, there are some problems that can come 'hidden' with HTTPS, such as, if someone 'fakes' somehow your certification authority inside of your network/machine or has access to your router and is able to change the DNS of your network.
If you want to analyse the traffic inside of your network to understand what is happening behind the scenes, you can use WireShark for that. If you really wanna go deep and understand all kinds of man in the middle attacks and how to prevent them, I will give some links where you can start with:
Types of Man-in-the-Middle Attacks
Man in the middle prevention strategies
But in general: If you are using HTTPS -> Theoretically you shouldn't be afraid of a man in the middle attack.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.