Javascript 使用应用程序名称和应用程序密码调用 Rest API

编程入门行业动态更新时间:2024-10-25 14:27:53

本文介绍了Javascript 使用应用程序名称和应用程序密码调用 Rest API - 我如何保护它的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

限时送ChatGPT账号..

我相信这个问题已经被问了很多次了.

I am sure this Question has been asked a lot of time.

但想再次确认我的怀疑并获得一些提示.

But wanted re-confirm my doubt and get some tips.

我计划将 buddy 后端作为一项服务来使用.我看到他们的大部分 REST API 需要嵌入应用程序名称和密码，如果您使用的是 JavaScript.他们还没有任何关于 javascript 的文档.但是想知道我现在是否必须使用普通的 html 或 HTML5 Web 应用程序从 Javascript 开始使用它.我如何使用它.

i was planning to play around with buddy back end as a service. and i saw that most of their REST API requires App Name and Password to be embedded if you are using JavaScript. They don't have any documentation for javascript, yet. But was wondering if i have to start using it right now from Javascript using normal html or HTML5 web app. how do i use it.

我不想以明文形式传递应用密码，因为任何人都可以查看浏览器的源代码或运行 fiddler 来查看正在调用的内容.我知道有人会说，嘿，你为什么不使用特定时间有效的令牌系统.

i don't want to pass App Password in the clear text as anybody could do a view source of the browser or could run fiddler to see what's being called. I know once would say, hey why don't you use the Token system valid for a particular time.

但我是这里的消费者，我如何保护在浏览器的视图源中看到的密码，因为我将通过网页/应用程序上的 java 脚本调用 API.

But i am the consumer over here, How can I protect the password being see in the view source of the browser since i would be calling the API through the java script on the web page/ app.

buddy API 的典型示例

Typical example of buddy API

http://webservice.buddyplatform/Service/v1/BuddyService.ashx?Pictures_ProfilePhoto_Add&BuddyApplicationName=&BuddyApplicationPassword=&UserToken=&bytesFullPhotoData=&ApplicationTag=&RESERVED=

任何提示将不胜感激.谢谢

Any tips would be greatly appreciated. Thanks