Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
omom13597yAaahh just put it in the URL params, if someone ever see it he would definitely have the skills to bypass our security layer so why bother..
-
Teosz14107y@divil
Nope sometimes it just fucks things up. Or I am a retarded and can't use it... Or both. -
Teosz14107y@nukasev
If I have to guess the one guy who did the web interface as well. (I've ranted about it previously.) But I guess it is better for him to stay unknown. -
Just be thankful the app is communicating with a rest API and not directly to database, I have a friend said he was recently asked to do that 😒
-
Teosz14107y@NyxMC @gnaaah @runfrodorun
It is using https the packet capturer uses SSL stripping. :D
So I guess it is OK then? -
gnaaah9837y@Teosz I think you mean HTTPS decryption ;)
Stripping would just leave you with the domain and nothing more
Oh God NO! Please tell me it is not normal for an Android app cumminacating with a rest API to send my login credentials in a fucking GET request!
undefined