Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have an app that received JSON data from the server. Currently when I look at firebug, I can see all the data that is being transmitted.
Since its possible for anyone to view and steal this data, what steps do I need to take so that my data is only viewed from within my app and cannot be viewed otherwise.
What are some keywords I can google to understand how this is done and what technologies I need to use.
Thanks
I think you’ve missed the point. You’ve sent the data to the web client, which in this case happens to Firefox. Once you’ve sent the data it is out of your hands.
Firefox can then do anything it want with the data including rendering it on the screen (which is what you want) and rendering it to any debug listeners (which is what you don’t want).
Even if there were some way to block Firefox from displaying the data in firebug, its easy for anyone to write their own web client that pretends to be a web browser and then they can do whatever they want with the data.
You can’t have it both ways – showing them the data on the screen but at the same time hiding the raw json that you have sent to their browser.
If application is sending json data that the user should not see, some kind of secure data, and that information is not shown to the user in their browser, then don’t send that data in json. If they are allowed to view it in their browser then you must send it to their browser, and they can read it in any way they want to.