I’m trying to make a bookmarklet that does something similar to what Instapaper’s does. I need the bookmarklet to send the URL of the page the user is visiting and the user’s token (so the server identifies the user). How can this be done? Do you recommend I send a POST request, or rather do it by routing the URL (e.g. http://example.com/USER_TOKEN/URL)?
Also, will I need to worry about the user’s token being stolen? If so, how can I handle that?
Since everything you transmit over plain HTTP is basically unencrypted plain-text, yes, you need to worry about the token being stolen.
What’s more important, imo, is that including the user token in your bookmarklet seems rather hack-ish:
I would suggest something along the following lines:
Extra points are given for the “Please log in” thingy remembering the URL the user has been trying to save so he doesn’t have to re-submit after having logged in.
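
One possible token-free design, as an added example that is not part of the original answer: the bookmarklet sends only the page URL to an HTTPS endpoint, the server identifies the user by session cookie, and a logged-out user is sent to log in with the URL remembered. The endpoint, the `/login` and `/save` paths, and all function names are assumptions.

```javascript
// Added example; SAVE_ENDPOINT, /login, /save and all function names are assumptions.
const SAVE_ENDPOINT = "https://example.com/save"; // HTTPS, so nothing travels in clear text

// Bookmarklet source: carries no user token, only the current page URL.
// The browser attaches the site's session cookie when the endpoint opens.
function bookmarkletSource() {
  return "javascript:void(window.open('" + SAVE_ENDPOINT +
    "?url='+encodeURIComponent(location.href)))";
}

// Accept only absolute http(s) URLs as something to save.
function normalizeSavedUrl(raw) {
  try {
    const u = new URL(raw);
    return (u.protocol === "http:" || u.protocol === "https:") ? u.href : null;
  } catch (e) {
    return null;
  }
}

// Server-side decision for GET /save?url=... ; `session` is the result of the
// session-cookie lookup (null when the user is not logged in).
function handleSave(session, query, store) {
  const url = normalizeSavedUrl(query.url || "");
  if (!url) return { status: 400, body: "Bad URL" };
  if (!session) {
    // "Please log in", remembering the URL: login returns the user to /save.
    const next = "/save?url=" + encodeURIComponent(url);
    return { status: 302, location: "/login?next=" + encodeURIComponent(next) };
  }
  store.push({ user: session.userId, url: url });
  return { status: 200, body: "Saved" };
}

// After login, follow `next` only if it is a same-site relative path, so the
// remembered URL cannot turn the login page into an open redirect.
function safeNext(next) {
  return (typeof next === "string" && /^\/(?![\/\\])/.test(next)) ? next : "/";
}
```

The session cookie should be set with the `Secure` and `HttpOnly` attributes so it is never sent over plain HTTP and is not readable by page script.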