I’m currently planning to develop an HTML5 app. The basic concept is the following:
A user should be able to create a profile with username and password. The server should be implemented in Ruby on Rails providing a JSONP API (for cross-domain issues).
So the app will send Ajax requests to the server and get responses from it.
My idea was to transmit a session_key (generated by the server) in the first response back to the client. Then the client has to authenticate itself with this token.
But now I have some issues.
- How can I secure the first call of the client (when it is transmitting user and password)?
- How can I protect the session key from being spied out?
I am a complete noob in security aspects. Therefore it would be great if I could get some hints on where to look.
Secure your connection with SSL. This should require no changes in your code apart from putting ‘s’ after ‘http’ ;-).
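As an added example (not code from the question or the answer), here is one way to implement the session-key scheme the question describes on the Rails side, assuming the app sets `config.force_ssl = true` so the credential POST and every later token request travel over TLS; `SessionKeyStore`, its `TTL` and the in-memory hash standing in for a sessions table are assumptions of this example.

```ruby
require 'securerandom'
require 'digest'

# Added example, not from the question or answer. Assumes the Rails app has
# config.force_ssl = true so credentials and keys are only ever sent over HTTPS.
# The in-memory hash stands in for a sessions table.
class SessionKeyStore
  TTL = 3600 # seconds a session key stays valid (assumed value)

  # `now` is injectable so expiry can be tested without sleeping.
  def initialize(now: -> { Time.now })
    @sessions = {} # sha256(key) => { user:, expires_at: }
    @now = now
  end

  # Called once the password check has succeeded: return a fresh random key.
  # Only a hash of the key is stored, so a leaked table does not expose live keys.
  def issue(user)
    key = SecureRandom.urlsafe_base64(32) # 256 bits from the OS CSPRNG
    @sessions[digest(key)] = { user: user, expires_at: @now.call + TTL }
    key
  end

  # Authenticate a later request carrying the key; returns the user or nil.
  # Lookup is by digest, so any timing variation concerns the hash, not the key.
  def authenticate(key)
    return nil if key.nil? || key.empty?
    entry = @sessions[digest(key)]
    return nil if entry.nil?
    if entry[:expires_at] <= @now.call
      @sessions.delete(digest(key)) # expired: drop it and treat as unauthenticated
      return nil
    end
    entry[:user]
  end

  # Logout: invalidate the key server-side so a copied key stops working.
  def revoke(key)
    !@sessions.delete(digest(key)).nil?
  end

  private

  def digest(key)
    Digest::SHA256.hexdigest(key)
  end
end
```

Because JSONP requests are plain GETs, the key travels in the URL query string; TLS hides it from the network, but server access logs will still record it unless logging of that parameter is filtered.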