如何向小程序传递参数? (安全模式)
我一直在尝试找到一种正确的方法来将一些信息(例如密码)传递给我的小程序。由于代码是在客户端上执行的,我不想将该信息以明文形式放在“param”中。
我使用 php 作为脚本来生成网页。所以,我想知道是否已经有某种解决方案/机制?如果没有,我想唯一的方法是在 php 中加密密码,将其作为参数传递并在小程序中解密?我唯一的问题是解密它的方法也将在客户端小程序中。为此,我想有人可以反编译该小程序并查找它?还是足够安全?
无论如何,我正在寻找一个好的解决方案,希望有一个吗?
提前致谢。
I've been trying to find a proper way to pass some information, such as password, to my applet. Since the code is executed on the client, I don't want to put that information in clear text in the "param".
I'm using php as script to generate the web page. So, I was wondering if there was already some kind of solution/mechanism? If not, I suppose the only way would be to encrypt the password in php, pass it as a param and decrypt in the applet? My only problem would be that the way to decrypt it would be in the client applet as well. For that I suppose that someone could decompile the applet and look for it? Or is it safe enouph?
Anyway, I'm looking for a good solutions, hope there is one?
Thanks in advance.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
没有安全的方法可以做到这一点。小程序可以访问的任何数据用户都可以访问。反编译Java小程序是相当简单的,甚至混淆器也只会增加一点延迟。
There is no secure way to do this. Any data the applet has access to the user has access to. It is quite trivial to decompile Java applets, and even obfuscators only add a little delay.
一个想法:
小程序可以联系服务器获取密码(假设使用 https)。
然后连接到 ftp 服务器。
请注意,如果您使用的是 ftp 而不是 sftp,则密码可能会在网络上以明文形式传递。
An idea:
The applet can contact the server for the password (let's say using https).
Then connect to the (s)ftp server.
Note that if you're using ftp and not sftp, maybe the password is passed in clear on the network.