0

Is it possible to create a secure (not easily hackable/reverse engineered) server request token from javascript code (visible to anyone) which can be validated at the server side.

To understand the question better here is the scenario depicted as an diagram:

enter image description here

Stacked
  • 841
  • 2
  • 12
  • 23
  • http://stackoverflow.com/questions/7432556/javascript-asymmetric-encryption-and-authentication – zero323 Sep 10 '13 at 12:09
  • JavaScript is always visible to the client and can be reverse engineered. Even if, somehow, can prevent reverse engineering, people with real bad intentions can just implement webkit or gecko in their application to run all code just like any browser would. – Tim S. Sep 10 '13 at 12:11

1 Answers1

0

Well, I don't know if my answer is what you need, however:

You can not have a safe way to encrypt with Javascript unless you are using SSL/TLS. But I think you will not need a JS program to encrypt your data since it is already encrypted by SSL/TLS.

The link below provides a better answer than mine: http://www.matasano.com/articles/javascript-cryptography/

Mauricio Abreu
  • 155
  • 1
  • 9