Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Encrypt json data

How do I encrypt JSON data that is transferred back and forth from client to server? When I use firebug, I can see all the data (contents in result.d). I'm using ASP.NET 3.5 and C#. Our admin has setup the site to use https but I can still the POST requests and the data. What am I missing?

Thanks!

like image 774
tempid Avatar asked Feb 29 '12 01:02

tempid


1 Answers

HTTPS is still your best option - you just need to ensure that HTTPS is, in fact, being used. Firebug can do this for you - if you inspect the full URL being used.

However, Firebug is running on the client, so it is seeing the data before it is encrypted / after it is unencrypted. (Just because you're seeing "all the data" doesn't mean that it isn't being encrypted "over the wire".)

If you need to really verify / see the data in its encrypted state, use something like Wireshark or Fiddler.

Extending upon Greg's comment, this encryption prevents other users on the network from viewing your data - both to and from the server. I.E., if you're at a wireless hotspot, this will prevent other users at the hotspot or other less-than-honorable network operators from intercepting your data in clear-text. If you're trying to prevent the end user (the user using the web browser) from viewing the data, you can't. Any attempts to do so will be defective-by-design™.

like image 139
ziesemer Avatar answered Sep 28 '22 08:09

ziesemer