Welcome Guest, Not a member yet? Register   Sign In
Prevent attack to api
#2

you can set expired times to your token and disabled caching might give you little help

---
but the real question is , how he can took your token?

#he got my token from sql injection

so that's not your token problem, but your apps problem

#noo, he got my token from sniffing

so, you need ssl /https


https://www.smashingmagazine.com/2017/04...p-headers/
Reply


Messages In This Thread
Prevent attack to api - by omid_student - 12-20-2017, 12:39 PM
RE: Prevent attack to api - by plonknimbuzz - 12-20-2017, 12:54 PM
RE: Prevent attack to api - by omid_student - 12-21-2017, 01:52 PM



Theme © iAndrew 2016 - Forum software by © MyBB