Menu
i've just read a few posts on hiding Silverlight code in some way. Main conclusion was that you can obfuscate it, but you can't realy hide it, so secure things must be done at the server. But then, anyone can see via Fiddler what kind of data is posted to a particular webservice. For instance, they can see that i'm calling UpdateCustomer.asmx. And if they do, what can i do to stop them from calling that asmx too? Is there a way to allow only 'my silverlight app' to call that method?
240
Nope. Someone can always reverse engineer your Silverlight application to steal whatever authentication credential you use. You can make this reverse engineering process more tedious than it would be otherwise, but you can't make it impossible.
Why is it a problem if someone accesses your URL from a custom client? You're authenticating the user, right?
189
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
