确定请求是否来自iPhone应用程序 [英] Determining if a request came from an iPhone app

问题描述

我有一个与服务器进行通信的iPhone应用程序（我所有的都是我自己编写的）。我需要确定我的服务器上的请求是否来自iPhone（或任何运行我为此写的应用程序的移动设备）。基本上，我只想允许我写的应用程序与服务器进行通信，需要一种验证方式。因为我正在编写应用程序，所以我可以修改头文件，而不需要任何方式。

我读了一点公钥加密，但我不要以为它会奏效如果我在我的头文件中发送了一些秘密散列词来验证它，那么外部方法是否只能在这些请求中使用相同的标题？

解决方案

可以使用校验和。假设你有这样的东西：
date
subject

并通过使用计算校验和，让我们说MD5（date +string +主题），
，您在服务器上以相同的方式计算MD5。如果他们匹配，他们来自移动客户端。

这将有效，直到有人计算出您的算法。

I have an iPhone app that communicates with a server (both of which I own and wrote the code for). I need to way to determine if a request on my server came from an iPhone (or any mobile device running the app I wrote for that matter). Basically, I only want to allow apps that I wrote to communicate with the server and need a way to verify that. Since I'm writing the apps, I can modify the headers and what not any way I need to.

I read up a little on Public Key Encryption, but I don't think it'd work. If I sent some sort of secret hashed word in my headers to verify it, couldn't some outside party simply get those headers and use the same ones in their request?

解决方案

You can use a checksum. Let's say that you have something like: date subject

and calculate the checksum by using, let's say MD5 of (date + "string" + subject), and you calculate the MD5 in the very same way on the server. If they match, they are from the mobile client.

This will work until someone figures out your algorithm.

这篇关于确定请求是否来自iPhone应用程序的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！