Current location - Quotes Website - Personality signature - Common security problems of API interface
Common security problems of API interface
The 1. interface was maliciously called.

(1) We can solve this problem by using timestamps and passing timestamps. In the service layer, compare the timestamp passed by the interface with the current time, for example, set the validity period of this request to 60 s.

(2) Encrypt the timestamp to prevent attackers from carrying out simulated attacks on the timestamp.

2. Interface data has been tampered with.

(1) uses the signature mechanism to encrypt the uploaded interface parameter data and generate a signature. The server uses the same algorithm to verify the signature to ensure the consistency of the data.

(2) The encryption algorithm is: sign = MD5 (MD5 (a =1120)+MD5 (b =1144)), where A and B are the specific uploaded data.

3. Sensitive interface data is stolen.

Encrypt the uploaded sensitive data, such as passwords. The encryption algorithm is as complex as possible, and the back-end processing can be salt processing to further improve the encryption level.

Finally, we can directly use https protocol to enhance the security of api.

Related articles
  • Tik Tok's rival is jealous when playing ball (60 sentences)
  • Who signed the third-level education?
  • Help me write an imperial edict. If I write well, I will get 50 points. I was invited to attend his birthday. It is necessary to post it.
  • Can I apply for full surrender if the signature of the insured is not my signature?
  • Come here if you know how to write! Hurry! ! !
  • How to sign and confirm the files in Qq group?
  • Sun Xiaosheng corrected his mistake.
  • How to get WeChat signature? How to set WeChat personalized signature?
  • How to distinguish Yamashita Tomohisa's autograph? Who has a photo?
  • Confess the rejected qq signature.

    • copyright 2024 Quotes Website All rights reserved