PHP/Javascript security
I have 1 JavaScript file that will post messages on Facebook. I can call this file using {'message': 'This is a message'} as POST parameters and it will publish it on Facebook.
Its location is /request/facebook.php. Now I thought about this. Anyone can call this file and post messages on my Facebook account! How can I protect this file, so it can only be called from a few servers? I know their IP addresses. And how can I call it then from my own server (without the loss of security)?
IP restriction is a good start, but IPs change every once in a while.
I would consider using a username/password of some sort. It doesn't need to be overly complex, as long as the transmission of the key/password is encrypted.
You need to implement some sort of security on your site, to prevent just anyone from invoking your server script. IP restriction is certainly viable.
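An added example, not part of the original question or answers: a guard for the top of /request/facebook.php that combines the two suggestions above, an IP allowlist plus a shared key accepted only over HTTPS. The allowlisted addresses, the X-Api-Key header name and the FB_POST_KEY environment variable are assumptions chosen for illustration.

```php
<?php
// Added example: access guard for /request/facebook.php.
// Constructed sample allowlist (documentation-range addresses, replace with the real servers).
const ALLOWED_IPS = ['192.0.2.10', '192.0.2.11'];

/**
 * Returns true only when the request arrived over HTTPS, from an allowlisted
 * address, and carries the expected shared key.
 */
function is_authorized(string $remoteIp, ?string $presentedKey, string $expectedKey, bool $isHttps): bool
{
    if (!$isHttps) {
        return false; // never accept the key over an unencrypted connection
    }
    if (!in_array($remoteIp, ALLOWED_IPS, true)) {
        return false; // caller is not one of the known servers
    }
    if ($presentedKey === null || $expectedKey === '') {
        return false; // missing key, or the server itself is misconfigured: fail closed
    }
    // hash_equals compares in constant time, so response timing does not leak the key.
    return hash_equals($expectedKey, $presentedKey);
}

// REMOTE_ADDR is the address of the TCP peer. Behind a reverse proxy it is the
// proxy's address; do not substitute client-supplied headers such as X-Forwarded-For.
$remoteIp     = $_SERVER['REMOTE_ADDR'] ?? '';
$presentedKey = $_SERVER['HTTP_X_API_KEY'] ?? null;        // assumed header name
$expectedKey  = getenv('FB_POST_KEY') ?: '';               // assumed variable, kept out of the web root
$isHttps      = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

if (!is_authorized($remoteIp, $presentedKey, $expectedKey, $isHttps)) {
    http_response_code(403);
    exit('Forbidden');
}

if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST' || !isset($_POST['message'])) {
    http_response_code(400);
    exit('Bad request');
}

// Only authorized callers reach this point; publish $_POST['message'] to Facebook here.
```

The calling server sends the same key in the X-Api-Key header of its HTTPS POST, so the key is never placed in a URL or query string where it would end up in access logs.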