when calling the server interface, you need to pass in the token, returned by the server when logging in. Should there be a client or a server when the token is obtained? will there be security problems if I have a client, such as cookie or localStorage? is there any solution?
the front end is developed with vue, and the back end is developed with java, and the token mechanism of jwt
if the front and rear ends are separated, they are naturally put on the front end. LocalStorage is better than cookie. Users' own token, security problems have little impact. And your token must have expired.
it is recommended to put it in cookie, and set it to httpOnly, otherwise there is no security, and it is easy for third parties to intercept and use
jwt of course.
if there is nothing wrong with using cookie for web projects, you can send requests in httpOnly, browsers directly with them and do not need extra front-end processing
otherwise, use some localStorage
client, and set HttpOnly
to cookie.Previous: Django deployed on nginx card on socket
1. If I call the function of js natively, I am not sure what the scope of the function of js is. I packaged the node module with bowseriry and wanted to expose the function I wrote to the native call . For example, the global domain of window,node in the...
Import project prompt error: log4j:ERROR setFile (null,true) call failed. java.io.FileNotFoundException: d:classnet.log (the system cannot find the specified path.) ask for the guidance of the gods! ^ _ ^ ...
the logic for the background to return the json result is Map<String, Object> resultMap = new HashMap<>(); resultMap.put("userType", userType); resultMap.put("phone", phone); resultMap.put("channel&q...
background code snippet: UtilHttp.streamContentToBrowser(response, UtilObject.getBytes(list), "application octet-stream"); background list: listbyte[],ioJSAjax: dataType: "text ": ... XMLHttpRequest byteArray: list ...
package cn.chinaunicom.changyue.util; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.lang.StringUtils; ** * : AES<br > * : AES<br > * : <br ...
...
$("-sharpcontract_remark").text( data.data.type==0 ? "" : ""+""+data.data.rentRooms.name +""+data.data.area+"");...
...
RT backend java frontend Vue ...
I want to use ajax to submit the form, verify that the user name password is correct, and use json to transfer data, which is also a post submission method, but once submitted, I find that the user name and password can be seen on the developer s tool. ...
now the pop-up can only be confirmed twice, and you can t enter the content? I want to click "disagree " and pop up an input box to fill in the reason for disagreement. ...
as shown in the figure, there are two input tabs, which are two radio buttons. Choose to turn them on or off. After clicking Save Settings, a div on the page will be shown or hidden. my problem is, when I click Save Settings, how do I know if I cli...
this is the code of the front-end request javacors is there something wrong with the setting mode? I don t know much about the background code at the front end, and I don t know how to solve cross-domain problems in the background . ...
how reliable is the process of password authentication for user login? (do not discuss channel encryption on https) 1. The front-end plaintext passes the password to the back-end for encryption, and compares the processed ciphertext with the database t...
the company has developed a third-party platform for Mini Program. In the case of not being released throughout the network, obviously the operation steps are the same. Why can t the second Mini Program account generate Mini Program? some have trie...
A string is as follows: Table name 1 @ Field 1 ~ Table name 1 @ Field 2 ~ Table name 2 @ Field 1 ~ Table name 2 @ Field 2 how to reasonably handle it in json format { 1:[12], 2:[1, 2] } ...
can you only use the markdown language in README.md in github? I ve experimented with using the markdown language in other files, but it doesn t work. Ask for popular science ~ ...
as shown in the figure above, what is the cause? Front end or back end? I have no idea at all. ...
python smtp send email setup signature? you can also say how it is sent in other languages ....
the development process of the java, backend of our company is to pull the svn warehouse code on its own, and then configure the local server to run the code pulled by svn on the local server. After the local development is completed, the code will be u...