Suppose we have a site that parses data from another site. The user is authorized on another site and logged into the account. You need to make sure that when you visit our website it has already been authorized. Is it possible to do this somehow via cURL?
1 answer
If another site belongs to you and you can make the necessary changes, then yes, you can use several methods. Otherwise, it would be an easy way to hijack an account from any other site with a simple CURL and of course this is possible only if there are serious vulnerabilities.
For the first option, you can use OpenID, OAuth. Or write your crutches of your choice.
Ruslan Ruslan
830 four 15
|