Proper Client <-> Server Communication
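Suppose I have a client and a server for a simple chat room.
They communicate via JSON strings.
I know the following example is not secure, but I am only interested in whether this is a valid way of communicating.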
// The Client connects to the server.
// The Client sends a JSON string with the following variables to the server:
--> Intention: "Request"
--> Context: "Login"
--> Message: "username:admin|password:123"
// The Server receives the JSON string and the string goes through an if-statement:
--> if(Intention.Equals("Request")){...}else if(Intention.Equals("Response")){...}
// The Server now knows it's a Request and moves on to the next step.
--> if(Context.Equals("Login")){.<check if user exists in server database and if the login details match>.}
// If the login details are correct, The Server marks the connected Client as logged in and sends a JSON string back to The Client:
--> Intention: "Response"
--> Context: "Login"
--> Message: "OK"
// The Client receives the messages and sees it's OK, now the Client shows the user control panel and chatbox to the user which all send other Request JSON strings to The Server.
// Any other context than "Login" check if the Client actually is marked as logged in, if not, the server returns a response with "ERR_NOT_LOGGED_IN"
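Now I have a few questions:
I ask because I have found a lot of good ways for a client and a server to communicate, but nothing about the actual content that is sent back and forth.
Thanks in advance!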
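As you said, this is not very secure. Some MITM could break into the connection and send their own commands. So, to be secure, you should try some symmetric/asymmetric encryption to protect the content and use a checksum to avoid forged messages.
To answer your questions: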
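The following is an added example, not code from the question or the answer: a server-side handler for the Intention/Context/Message envelope that rejects forged or altered messages and enforces the logged-in check. It uses HMAC-SHA256 as a keyed stand-in for the checksum the answer mentions; the `Body`/`Tag` wrapper, the shared key, the `ERR_BAD_MESSAGE` and `ERR_LOGIN_FAILED` codes and the function names are assumptions.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"   # assumption: shared secret provisioned out of band
USERS = {"admin": "123"}        # constructed store mirroring the question; keep hashes in practice


def seal(intention, context, message, key=KEY):
    """Serialize an envelope and attach an HMAC-SHA256 tag over its exact bytes."""
    body = json.dumps({"Intention": intention, "Context": context,
                       "Message": message}, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return json.dumps({"Body": body, "Tag": tag})


def open_sealed(wire, key=KEY):
    """Return the envelope dict, or None if the tag or the shape is wrong."""
    try:
        outer = json.loads(wire)
        body, tag = outer["Body"], outer["Tag"]
        expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):   # constant-time comparison
            return None
        env = json.loads(body)                       # parsed only after the tag checks out
    except (ValueError, KeyError, TypeError, AttributeError):
        return None
    if not isinstance(env, dict) or set(env) != {"Intention", "Context", "Message"}:
        return None
    return env if all(isinstance(v, str) for v in env.values()) else None


def handle(wire, session):
    """Verify, dispatch on Intention/Context, and enforce the per-connection login flag."""
    env = open_sealed(wire)
    if env is None or env["Intention"] != "Request":
        return seal("Response", "Error", "ERR_BAD_MESSAGE")
    if env["Context"] == "Login":
        # "username:admin|password:123" -> {"username": "admin", "password": "123"}
        fields = dict(p.partition(":")[::2] for p in env["Message"].split("|"))
        user, pw = fields.get("username"), fields.get("password", "")
        ok = user in USERS and hmac.compare_digest(USERS[user].encode(),
                                                   pw.encode())
        session["logged_in"] = ok
        return seal("Response", "Login", "OK" if ok else "ERR_LOGIN_FAILED")
    if not session.get("logged_in"):                 # every other Context needs a login
        return seal("Response", env["Context"], "ERR_NOT_LOGGED_IN")
    return seal("Response", env["Context"], "OK")
```

The tag only detects forgery and tampering; it does not hide the password or stop a captured message from being replayed, so the connection still needs TLS (or equivalent encryption) and a per-message nonce or counter.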