Databases
StackOverflow2013
Postsdbo
POSecurely hide jQuery result from user - 2
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POSecurely hide jQuery result from user - 2
    primarykey
    data
    text
    <p>I know i've asked this question before (<a href="https://stackoverflow.com/questions/17885600/securely-hide-jquery-result-from-user">Securely hide jQuery result from user?</a>), but i'm hoping to ask the same question and get a different answer...</p> <p>Basically, I have a jQuery script that generates a random key pair. I need to get that key pair from the jQuery script to a php variable without the user being able to see it.</p> <p>I've been told that this is impossible by a lot of people but I'd really like a 25th opinion.</p> <p>From what I understand, this would infact be possible by using node.js with something like ssjquery or cheerio, but before I go that route, is there a simpler solution?</p> <p>I have an idea and i'd just like to know if it would work.</p> <p>Could I encrypt the data with an RSA public key as part of the jQuery script, then decrypt it on the server with the private key? I've tried this by adding phpseclib-jsbn-rsa encryption into the script, and it seems to work, but is there a way that the user could get the data before the encryption? <a href="https://github.com/mvhaen/phpseclib-jsbn-rsa" rel="nofollow noreferrer">https://github.com/mvhaen/phpseclib-jsbn-rsa</a> Also, would it makeany difference if I called the script with file_get_contents from a php page?</p> <p>I just don't know enough about what's really going on in the process to judge if it'd work. So, if anyone could enlighten me that'd be great, or if you know of another way without using nodejs, jsdom, phantomjs, etc, please let me know.</p> <p>Thanks.</p>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. USCommunity
    1. USNotSoSmart
    plurals
    1. PL
      singulars
      1. LTLinked
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POSecurely hide jQuery result from user - 2
      1. This table or related slice is empty.
      1. VTUpMod
    1. COWhy not just generate the key pair via the php script in the first place?
      singulars
      1. POSecurely hide jQuery result from user - 2
      1. USsuperphonic
    2. COThat was my first thought, but these are not regular keys. The script is written in jQuery and I can't alter the script myself.
      singulars
      1. POSecurely hide jQuery result from user - 2
      1. USNotSoSmart
    3. CONo, as far as I know you cannot achieve a high level of security with Javascript other than through obfuscation. I would rather suggest that you merely send the components that you use to build your key to a server side script and then generate the key there.
      singulars
      1. POSecurely hide jQuery result from user - 2
      1. USDaniel Perván
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload