How to ensure the exchange of client data with the server. The mobile application makes a request to the server and receives data in json format. Request is a simple reference of type host / pharmacy / 34. In fact, now anyone can send a request to the server. How to deny sending a request to the server to everyone except the application. Or at least tell me which way to google?
- No, in your competence just do not give the data to anyone. If the server sticks out, anyone can come. - vp_arth
|
1 answer
You can only allow access to the directory files of the UserAgent application of your application. This is not a panacea, because There are ways to fake it. But a simple user will not be able to execute a script or access files from a browser.
To do this, you need to set the UserAgent application, for example, as indicated here: https://stackoverflow.com/questions/3904467/android-http-user-agent
You also need to register the permission to only one UserAgent in the .htaccess file, which must be placed in the directory, the access to which files should be denied. For example, for the UserAgent My Android App, the file would be:
RewriteEngine On RewriteCond %{HTTP_USER_AGENT} !My\sAndroid\sApp [NC] RewriteRule ^ - [F,L] Spaces are replaced by \ s.
Community spirit ♦
one
Kirill Malyshev Kirill Malyshev
5.470 one 6 22
|