News Feed
Jobs Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Zend Developer Zone:
Preventing Unwanted Access to Your API
January 26, 2007 @ 09:51:00

On the Zend Developer Zone, there's a helpful hint for users out there running a web service to help keep things safe:

Ok, so you've written a cool new Web API and you've written l33t JavaScript to call it from your page. The problem is, anybody who views your source can see how you call your new toy and use it for their own nefarious purposes. Granted, sometimes this is what you want but there are times when you want to keep your toys to yourself. For those times, here is a quick trick you can implement that will help thwart most evil doers.

The quick trick involves the placement of a secret variable into the session after the user has been validated. The sample code to make it work is provided and and example Ajax call illustrates how it's used. Then all the API has to do is check for that value in the data passed along.

0 comments voice your opinion now!
prevent unwanted access web service api session prevent unwanted access web service api session


blog comments powered by Disqus

Similar Posts

Rob Allen: Simple logging of ZF2 exceptions

Justin Carmony: First Serious Attempts with PHPUnit, Composer, and the Omniture API

Zend Developer Zone: ZendCon Sessions Ep. 23: Rickroll To Go w/PHP, WURFL, & Other Open Source Tools

Gonzalo Ayuso: How to configure Symfony’s Service Container to use Twitter API

JSLabs Blog: How to use the facebook API


Community Events











Don't see your event here?
Let us know!


application opinion facebook release language component composer podcast symfony2 hack install introduction framework hhvm code security unittest package overview series

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework