Information générale
Catégorie:
Appareils mobiles
>>>The last time I needed this type of security we required the user to request an account which triggered an email to admins with a link allowing them to approve the request and activate the account Also, by storing a token in html5 local storage, we allowed users to be permanently 'logged in' unless they specifically logged out (or their account was disabled by admin)
>>
>>Pure Noziness: did you check the security aspects of local storage? Before WebSQL was murdered, that one was the biggest doubt to my highflying plans ;-)
>>From the Docs it is supposed to be safe, but how often did they claim to have fixed cross-site/frame scripting ?
>>How strong is it encrypted? Is it possible the user maps local storage to mSDHC?
>
>Short answer : I don't know how secure it is. Theoretically it's only accessible from the same URL that wrote it. We're also storing quite a bit of data locally for use in offline situations.
>
If you run special tests or encounter problems (in the app or in literature), please post
thx
thomas
Précédent
Suivant
Répondre
Voir le fil de ce thread
Voir le fil de ce thread à partir de ce message seulement
Voir tous les messages de ce thread
Voir tous les messages de ce thread à partir de ce message seulement