
Encryption JSON request and reply

Hi! I need to encrypt my AJAX requests and responses from the server. As the message format I use simple JSON. Can you advise any libraries about it?

JavaScript

7 Comment(s)

@svidgen Jul 12.2011 — And HTTPS isn't an option?
@rnd_me Jul 12.2011 — you can steal the ciphering function from http://danml.com/pub/crypto.htm , but you'll still have to get the user the key somehow, which makes it difficult to use for public sites.

if you distribute a big key on a thumb drive, it's pretty safe...

It's a better bet to simply use https for both your ajax and html page urls. if you use https for just the json, you won't be able to use ajax, and there will be an annoying security "mixed zone" warning.
@Jason_Becker (author) Jul 12.2011 — I did not use HTTPS yet. Can the user view the structure of the JSON response via Firebug in this case?
@rnd_me Jul 12.2011 — [QUOTE]I did not use HTTPS yet. Can the user view the structure of the JSON response via Firebug in this case?[/QUOTE]

of course. you're not trying to hide your code are you?
@Jason_Becker (author) Jul 13.2011 — rnd me, I want to hide the structure of my AJAX requests and responses only, so I have to use encryption.
@rnd_me Jul 13.2011 — [QUOTE]rnd me, I want to hide the structure of my AJAX requests and responses only, so I have to use encryption.[/QUOTE]

in that case, do yourself a favor: give up now before you waste any more time.
@svidgen Jul 13.2011 — You can certainly obfuscate and even encrypt messages/JSON/XML. You can even obfuscate the code that de-obfuscates the message. But ultimately, the end-user needs to possess the code that knows how to read the message. So, it's a little silly to encrypt it ... unless your intent is to keep it from staying unencrypted [I]in cache[/I].

If the intent is to keep a user's private data out of the cache (say, if you're concerned about folks using your app at the public library), this request is a little less silly. But, if you're trying to keep client-side code, an algorithm, or a messaging format protected, you're likely just wasting your time.
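
The point made in the thread, that the end user must possess whatever reads the message, shown as an added example (not code from the thread or from the linked page). It uses Node's built-in `crypto` module with AES-256-GCM; `PAGE_KEY`, the function names and the sample reply are assumptions constructed for illustration.

```javascript
const crypto = require('crypto');

// Assumption: stands in for the key the server has to embed in the page's
// script so that the browser can decrypt replies.
const PAGE_KEY = crypto.randomBytes(32);

// Server side: encrypt a JSON reply with AES-256-GCM.
function encryptJson(obj, key) {
  const iv = crypto.randomBytes(12); // fresh nonce per message
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(JSON.stringify(obj), 'utf8'), cipher.final()]);
  return {
    iv: iv.toString('base64'),
    ct: ct.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
  };
}

// Client side: the page's own script has to run this, so anyone who holds
// the page (and therefore the key) can run it as well.
function decryptJson(msg, key) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(msg.iv, 'base64'));
  decipher.setAuthTag(Buffer.from(msg.tag, 'base64'));
  const pt = Buffer.concat([decipher.update(Buffer.from(msg.ct, 'base64')), decipher.final()]);
  return JSON.parse(pt.toString('utf8'));
}

// Compare what a holder of the page key recovers with what a party that
// never received the key recovers (null when authentication fails).
function whoCanRead(msg) {
  const attempt = (key) => {
    try { return decryptJson(msg, key); } catch (e) { return null; }
  };
  return {
    holderOfPageKey: attempt(PAGE_KEY),
    partyWithoutKey: attempt(crypto.randomBytes(32)),
  };
}

const reply = { user: 'alice', items: [{ id: 1, qty: 2 }] }; // constructed sample
const wire = encryptJson(reply, PAGE_KEY);
console.log('on the wire:', wire);
console.log('readable by:', whoCanRead(wire));
```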