Secure https header and response in browser (API Calls)

Asked Oct 14 '19 at 08:59

Active Oct 14 '19 at 08:59

Viewed 176 times

Is there any way we can hide https web API request header and response which user can see when inspecting the browser page

I have used JWT token and CORS for to secure web API but when inspecting browser I can see JSON response and header details

I am using angular 7 in which we have services which call Web API (C#)

Actual Result:- End user can see header and response of web API call when inspecting browser and navigate to the Network tab

Expected Result:- Secure https header and response from server into the browser so that end-user can not see it

asked Oct 14 '19 at 08:59

Amol Gunjal

1

but why? this is how the JWT works. please read : https://jwt.io/introduction/ – Joel Joseph Oct 14 '19 at 09:01
Yes, JWT works fine, my main concern about when we open developer mode in browser, on network tab we can see web API call, there itself we can see the response from web API and header with attached content into it – Amol Gunjal Oct 14 '19 at 09:09
where the jwt token is placed in your requests? ok, in the request header, and so, since you have to send your token in the request header, to make it works, you have to send it – ale Oct 14 '19 at 09:25
@AmolGunjal please take a look : https://stackoverflow.com/questions/47402405/jwt-why-is-my-token-shown-in-chrome-devtools – Joel Joseph Oct 14 '19 at 09:44

0 Answers0