-1

I am sending a java object like user information in rest web service call and display the some information in angularjs controller $http.post call response as data

Below is my piece of code in rest web service call

public @ResponseBody getEmployeeDetails(int id){
      Employee employee = getDetailsFromDB(id);
      return Response.put(employee).build();
}

In angularjs controller i am getting as

$http.post("./rest/getEmployeeDetails").then(function(data){
       var employee = data;
 });

So in browser networks, in response i can see the response data clearly like

data: "Name": "Bri Squared", "Role": "Admin", "Mobile": "9829399402"

In this case i need to hide the information, so i need to encrypt and decrypt data. Can anyone suggest me any idea for encryption and decryption between rest web service call and response in angularjs controller?

Manoj Kumar
  • 29
  • 1
  • 2
  • 6
  • If your concern is that the end user can see your data, there isn't much you can do here if they are determined to see it. For example, they could set a breakpoint in your javascript right after it deciphers the data. Nothing can be really hidden from the user once they have it on their computer and try hard enough. – jingx May 09 '17 at 18:12
  • @jingx is right. You're building a JavaScript client. Anyone using your application can see the data in the browser. Just use HTTPS so you're data is encrypted via SSL before it hits the network. – Ben May 09 '17 at 18:14
  • SSL. JWT. The question is flawed since client side code isn't secure by design. – Estus Flask May 09 '17 at 18:16

1 Answers1

0

For the sake of answering the question, you can use Crypto-js for angular/2. How to use CryptoJS with Angular 2 and TypeScript in WebPack build environment?

But as a reminder, there is really nothing to hide in Javascript. It would be useless to do encryption and decryption in JavaScript. Keep your channel secure on TSL and anything you want to hide from the client just don't share it.

Amr Eladawy
  • 4,193
  • 7
  • 34
  • 52