Prevent attack to api |
Hello guys
I have api that i created it with resful I use api key for access to this api But if hacker can use this api,so hacker can send many data and register in my database with pseudo data How prevent it?
you can set expired times to your token and disabled caching might give you little help
--- but the real question is , how he can took your token? #he got my token from sql injection so that's not your token problem, but your apps problem #noo, he got my token from sniffing so, you need ssl /https https://www.smashingmagazine.com/2017/04...p-headers/
(12-20-2017, 12:54 PM)plonknimbuzz Wrote: you can set expired times to your token and disabled caching might give you little help This url https://www.smashingmagazine.com/2017/04...p-headers/ is helpful Thanks |
Welcome Guest, Not a member yet? Register Sign In |