I don't know if it can be done in javascript. here is the scenario:
i want to allow only legitimate clients to access my service thru javascript, loosely. I think i should issue a scurity token to each of them, so every access has a valid token within the http request. the request will then get a "session" token which will be attched to all the remaining calls for a certain period of time (and can be viewed). and the javascript code embeds the security token for the initial call will be removed thru obj.removechild() or like after the "session" token obtained. can it be done? is it a right way to do?
JavaScript was not designed for access, user, passwords and things like that. As a client-side language, JavaScript code can not be hide, thus security is 0. I strongly advice you to use server-side methods to allow access to your site via a user/password/token, whichever.
Reply With Quote
Bookmarks