I’m using a public API for my web app and iPhone app. My app

Question

0

Asked: June 11, 20262026-06-11T09:48:29+00:00 2026-06-11T09:48:29+00:00

I’m using a public API for my web app and iPhone app. My app

0

I’m using a public API for my web app and iPhone app. My app performs basics CRUD operations into a database.

As the client key of the API is sent in the HTTP request header, it will be easy for malicious users to dump that key and tamper datas initially passed to the request (with the Tamper Data Firefox plugin for example)

So here’s my simple question : what are the best practices for being protected from this ?
How can I programmatically detect the different cheating cases before sending datas to the database ?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-11T09:48:30+00:00

Editorial Team

2026-06-11T09:48:30+00:00Added an answer on June 11, 2026 at 9:48 am

Serving your webservice in HTTPS rather than HTTP would prevent anyone from sniffing your key on the wire.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m using a public API for my web app and iPhone app. My app

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply