Basically, this third-party application is using data from my website to fetch data and load into there application.
The scenario is this application has an internal login page on which end user insert my website credentials & this application fetch and load the data. I don't want to happen that.
1) I want to restrict this application also it is opening the entire page in webview in another link. 2) Some of the requests are going with X-Requested-With Header what it means?
Can CORS Headers, Domain Headers or any security implementation we can try to mitigate this
Aucun commentaire:
Enregistrer un commentaire