admin管理员组

文章数量:1318580

I'm developing a web project using JavaScript with AJAX requests to WebServices and I'm interested in encrypting the information.

How secure is to encrypt from the client side? Remember that I'm not using a server side language.

I'm developing a web project using JavaScript with AJAX requests to WebServices and I'm interested in encrypting the information.

How secure is to encrypt from the client side? Remember that I'm not using a server side language.

  • javascript
  • encryption
Share Improve this question asked Sep 8, 2011 at 15:48 Diogo CardosoDiogo Cardoso 22.3k26 gold badges102 silver badges138 bronze badges 5
  • 2 If you encrypt something on the client side it makes sense that everyone can see that information as is, doesn't it? – yoda Commented Sep 8, 2011 at 15:50
  • What are you trying to acplish? – Chris Pietschmann Commented Sep 8, 2011 at 15:50
  • Do you mean ensuring the data is secure during transmission to the service? If so why not use https? – Alex K. Commented Sep 8, 2011 at 15:51
  • I'm using https connection but besides that I'm interested in encrypt data before sending it to the WebService. – Diogo Cardoso Commented Sep 8, 2011 at 15:55
  • This might be relevant, or at least interesting: github./GPGTools/Mobile/wiki/Introduction – brandeded Commented Mar 4, 2013 at 17:56
Add a ment  | 

3 Answers 3

Reset to default 5

There was a huge discussion on hackernews about this last week, inspired by this article on matasano..

Basically, secure javascript does not exist. The only way is to have everything be over HTTPS, because if you don't, you expose your user to certain flaws.

But once you have HTTPS, extra encryption via javascript is pointless: everything already is secure.

Couldn't you just have your connections be https instead of http?

Not very secure. There are little tricks here and there that you can do to make it a bit more difficult to breach the security but in the end if you give both the key and lock away to the public then you're not really secure.

本文标签: How secure is JavaScript encryptionStack Overflow

版权声明:本文标题:How secure is JavaScript encryption - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742046154a2417796.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。