Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
i'm really new to these things. Normally in making website it's easy to secure it becasue everything is actually local. Just PHP or someting like that process data and shows up in a static page. But when we got desktop app i don't know how to do it. How can i make app <-> server relation? Like Instagram or Facebook or something like that. At the first i think JSON might work for that, but it think it's not secure for all information.I hope i explained good.
Little bit late but if someone comes here, here's the answer you're looking for; HTTP. Yeah It's that simple. Learn how HTTP works. For making security tight, look for cross origin resource sharing (CORS), two-way encryption, server-side validation and so on. Have a good day!
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I am interested in automation on the internet. I own a NAS server and have a website at a webhotel.
Let's start out slow. If i wanted to call a webpage a few times a day, what would my options be? On my NAS server i can write custom batch files, but I don't really want to learn how to do this, it doesn't seem too easy to get into (correct me if wrong). Are there any frameworks that can help me do this? I looked a little into Node.js, and it seems pretty good. Can i put a Node.js script on my server, and have it call a website at specified times?
So, my question is this:
what are the most widely used options, when it comes to automation on the internet?
EDIT: When I say "call a website", i mean call a webresource via a url, which would then do whatever it is instructed to do. Such as write to a database with php.
Usually lightweight varsion of linux can be accessed on NAS servers. In this case you can install any web server on it. But considering phrases "but I don't really want to learn how to do this" and "what would my options be" I would say: Hire specialist.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I have an application done fully in JavaScript using Ember.js. What I want help with is the following:
I have two account types: basic and premium.
Depending on what account type the user have I wish to display ads him.
The user can use parts of my application only if he has a premium account.
What I must have in mind in order to protect my application so it's secure against people trying to use premium features without having that privilege? Because all Javascript will be sent as a single file, people can just look at all my app code and maybe reverse it or even copy it and use locally without even entering my site, which would put all my effort to waste.
Your client side code shouldn't be considered more than sugar for the user's experience, not a layer that is trusted.
That means your backend should be pessimistic in nature, not trusting requests from the client, but making sure they can make said request, and sanitizing any data sent to them assuming the user is trying to do harm.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
If you don't want to read what im trying to do just skip to the "My question" part :)
My goal:
developing an application that saves as much server performance as possible.
There is no such thing as 100% secure, the app of course should be as secure as its coded.
However the founder of http://lavabit.com/ actually managed to take his security as far as making it NSA-safe (which obviously is the reason he had to shut it down).
My Progress:
I already discovered the BackboneJS Framework, which has saved me a lot of server-side coding,
using javascript templating, routing, input validation,client communication using websockets.
My Question:
since installing node or php on the server is a security risk in itself (which is the reason security issues need to be patched on newer versions.).I would like to know if there is a way to authenticate users without being forced to install nodeJs or PHP.
If you're able to use HTTPS then perhaps you could look at just using Basic access authentication? The web server itself would do the authentication - more information on Basic Auth in Apache can be found here.
I really think the experience you get from using a server-side language and cookies etc. is far richer and offers a much nicer user-experience. I'm not sure I understand the security risk[s] which you allude to. Alternatively if security is something which you are hesitant about, and feel that it will slow your app down, then perhaps you should consider designing your programme in such a way that security is not an issue.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
I'm new on using node.js
Surfing around the web i couldn't find any example of code of a simple sign-up/sign-in that could also show me how to manage database in node.
I mean the app.js page for server and the related client-side html page, and their relation. Can someone help me or give some useful link i couldn't find?
using Cassandra and i.o. socket, it'd be the best help.
You can use Passport library http://passportjs.org/ , there should be an example there. You can also use https://npmjs.org/package/passport.socketio if you want to login by socket.io
I recommend using http://passportjs.org
It has support for simple username/password authentication as well as OAuth etc
http://passportjs.org/guide/username-password/
There's also a good tutorial here:
http://danialk.github.io/blog/2013/02/23/authentication-using-passportjs/
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I want to request a list of sizes from a database on my server (which is obviously not on ebay.co.uk's domain). I could do it entirely through flash... but it seems clumsy for a simple form. I think the ideal solution would be a javascript + flash solution. The problem is all of the sites I have found seem to have very complete solutions and ebay does not like huge chunks of javascript (I am not sure exactly which functions it allows and doesn't... but the less javascript the better).
So what I am looking for is a very small and simple cross domain ajax solution that will allow me to make requests from my server. Anyone any ideas?
TIA
Read Ways to circumvent the same-origin policy for many ways of circumventing the same-origin policy.
In your case, I would suggest http://anyorigin.com - it's simple to use and (unless you're sending volatile information) perfectly viable. It could all be done in a couple of lines of js!
eBay will not allow including javascript or even iframes in item description.
The only solution for that will probably be using Flash object(that is allowed by eBay) that will communicate with server side scripting page(php/asp) which will make the request to your database.
The cross-domain communication will be between the flash and the server side page, this issue can be easily solved.