Webservice - How to implement an anti phishing key in a service that accepts a callback


I need to implement a web service that will receive a callback.

In my web application I will need to implement something like this:

http://mywebsite.com/callback?key=[an_anti_phishing_key]&otherparam1=[something1]&otherparam2=[something2]

A detailed explanation: there will be a 3rd-party service that will request this URL with these parameters, and this service needs me to implement an "anti phishing key" so that they can communicate securely with mywebsite.com.

My doubt here is how to implement this anti phishing key in a secure manner.

Any ideas of possible implementations?

There is 1 answer

Pradeep Pati

If you do a GET request as a client to the server over HTTP, it is susceptible to a Man-in-the-middle attack. What you can do is to allow only POST requests over HTTPS. That would be more secure than the former.
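
One way to apply the POST-over-HTTPS restriction from the answer above to the callback in the question, as an added example that is not part of the original thread. It assumes the anti-phishing key is a static secret shared with the third party and sent as the `key` field of a form-encoded POST body; `check_callback`, `app` and the sample key are hypothetical.

```python
import hmac
from urllib.parse import parse_qs

# Constructed sample secret (assumption); load the real one from configuration.
EXPECTED_KEY = "constructed-sample-key-0123456789"


def check_callback(method, scheme, body, expected_key=EXPECTED_KEY):
    """Return (http_status, reason) for one callback request."""
    if scheme != "https":
        return 403, "https required"
    if method != "POST":
        return 405, "POST required"
    form = parse_qs(body, keep_blank_values=True)
    keys = form.get("key", [])
    # Reject a missing or repeated key instead of guessing which one to use.
    if len(keys) != 1:
        return 400, "exactly one key parameter required"
    # Constant-time comparison: response timing does not reveal how many
    # leading characters of a guessed key were correct.
    if not hmac.compare_digest(keys[0].encode(), expected_key.encode()):
        return 403, "bad key"
    return 200, "ok"


def app(environ, start_response):
    """Minimal WSGI wrapper. Assumes the server sets wsgi.url_scheme
    correctly (it terminates TLS itself or trusts its proxy's header)."""
    try:
        length = int(environ.get("CONTENT_LENGTH") or 0)
    except ValueError:
        length = 0
    # Cap the body size; a callback with a key and two parameters is small.
    raw = environ["wsgi.input"].read(min(length, 4096))
    status, reason = check_callback(
        environ.get("REQUEST_METHOD", ""),
        environ.get("wsgi.url_scheme", ""),
        raw.decode("utf-8", "replace"),
    )
    start_response(f"{status} {reason}", [("Content-Type", "text/plain")])
    return [reason.encode()]
```

Reading the key from the POST body rather than the query string also keeps it out of URL-based access logs.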