How do I encrypt JSON data that is transferred back and forth from client to server? When I use firebug, I can see all the data (contents in result.d
). I'm using ASP.NET 3.5 and C#. Our admin has setup the site to use https but I can still the POST requests and the data. What am I missing?
Thanks!
HTTPS is still your best option - you just need to ensure that HTTPS is, in fact, being used. Firebug can do this for you - if you inspect the full URL being used.
However, Firebug is running on the client, so it is seeing the data before it is encrypted / after it is unencrypted. (Just because you're seeing "all the data" doesn't mean that it isn't being encrypted "over the wire".)
If you need to really verify / see the data in its encrypted state, use something like Wireshark or Fiddler.
Extending upon Greg's comment, this encryption prevents other users on the network from viewing your data - both to and from the server. I.E., if you're at a wireless hotspot, this will prevent other users at the hotspot or other less-than-honorable network operators from intercepting your data in clear-text. If you're trying to prevent the end user (the user using the web browser) from viewing the data, you can't. Any attempts to do so will be defective-by-design™.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With