We develop a REST WEB API (using ReSTEasy), and we happy with the current Web API , and we can consume with Android to make both communicate well.
We now add HTML as client side talkin gto REST WEB API, we get there is a token in session storage![enter image description here][1]
Internally we discuss, we feel that this approach is not secure.
any tips to handle this to make a decoupled HTML apps run securely with our web app.
If you wanna to take a look our full code, can look here.. http://ift.tt/1Fsph9t
We use angularjs, make it talk to the WEB API.
Session Storage Screen Capture can be look here http://t.co/Krq4Mv4CWl
Aucun commentaire:
Enregistrer un commentaire