Real Software Forums

The forum for Real Studio and other Real Software products.
[ REAL Software Website | Board Index ]
It is currently Mon Dec 18, 2017 9:47 am
xojo

All times are UTC - 5 hours




Post new topic Reply to topic  [ 3 posts ] 
Author Message
 Post subject: Stand Alone and Secure Information
PostPosted: Wed May 08, 2013 11:19 am 
Offline
User avatar

Joined: Mon Nov 29, 2010 7:01 pm
Posts: 446
I prefer using the stand alone deployment but it will still be quite a while before HTTPS support is in stand alone.

I need the user to enter confidential information, but I do not want that information sent insecurely back to the app.
1) How is this information currently being sent? Plaintext? Is it obfuscated in any way?

2) I don't actually need this information sent back to the web-server, in fact it is better if it doesn't get it. Is there anything I can do so that I can use the Web Controls and styling but essentially stop the "text change" events from being sent to the web-server?

Essentially I am doing an HTTPS Post command where I send secure information to an API. This means I never need (nor want) the actual values of the text inside the web Controls, and the only time they need to be accessed is on the client end with the POST command. I want to use Web Controls however so that I can maintain the layout, look, and feel of the web-app and so I wont have to program any HTML other than the "Post" action on a button.
Is this possible?


Top
 Profile  
Reply with quote  
 Post subject: Re: Stand Alone and Secure Information
PostPosted: Tue May 21, 2013 11:21 am 
Offline

Joined: Mon Jul 02, 2007 12:38 pm
Posts: 62
HTTPS provides encryption. This is a brief extract from wikipedia about HTTPS. " HHTPS provides bidirectional encryption of communications between a client and server, which protects against eavesdropping and tampering with and/or forging the contents of the communication"

So I am assuming that your communications to the API are secured and encrypted.

In fact, it has nothing to do with WE.


Top
 Profile  
Reply with quote  
 Post subject: Re: Stand Alone and Secure Information
PostPosted: Tue May 21, 2013 1:29 pm 
Offline

Joined: Wed Mar 22, 2006 11:15 am
Posts: 712
Location: Southern California
neonash7777 wrote:
I prefer using the stand alone deployment but it will still be quite a while before HTTPS support is in stand alone.


I missed your post earlier this month. You can use a tool like nginx to sit in front of WE and provide SSL and load balancing with multiple WE instances.

Quote:
1) How is this information currently being sent? Plaintext? Is it obfuscated in any way?


Other than possibly being compressed, I believe it's sent in the clear.

Quote:
2) I don't actually need this information sent back to the web-server, in fact it is better if it doesn't get it. Is there anything I can do so that I can use the Web Controls and styling but essentially stop the "text change" events from being sent to the web-server?


Someone from Real would have to jump in here, but I don't believe you can be sure that the text will never be sent back.

_________________
Daniel L. Taylor
Custom Controls for Real Studio WE!
Visit: http://www.webcustomcontrols.com/


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC - 5 hours


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group