is there a possible way to hide the form data or controllers value in web bowser i need to hide the username and password when logging in im currently working on security for my site. but unfortunately after checking in google chrome developer's tool every time im requesting for ajax call it shows my password and user name if you go to NETWORK and browse the ajax call. is there s certain code that will hide my sensitive data for me?
问问题
738 次
1 回答
4
There is no effective way to hide the username and password from the browser, if the attacker has access to the browser then the war is lost. What you should do however is protect it during transit from the user's browser to your server. You can accomplish this by using SSL. SSL will encrypt the form data in transmission so someone intercepting the traffic cannot view the form data.
Setting up SSL is beyond the scope of SO so here's a link to get you started. http://www.iis.net/learn/manage/configuring-security/how-to-set-up-ssl-on-iis
You can ask more questions on how to setup SSL in the Superusers stackexchange site.
于 2013-10-07T03:55:22.340 回答