How to ensure that WebSocket is not accessed illegally?
Closed this issue · 4 comments
Deleted user commented
Hi,This is my question.
jreznot commented
Server app should listen only 127.0.0.1 to prevent external access, you should tune it in Jetty runner.
Deleted user commented
Thank you for your reply.
Sure,Listen on 127.0.0.1 can prevent external access.
How do It prevent other program access in local?
jreznot commented
Integrate authentication to your application, something like login form - it is required if your application stores sensitive data. Plus you can modify UserAgent of electron part, for instance include there a secret key, then check this secret key using HTTP filter in the server part, that will prevent random access from third party applications.
Deleted user commented
thanks.
now i have a clue.