How to make sure requests come from my site?

Some smartphone users use my API-centric app to clone my service and make it look like their own. Is there any way to make sure all Ajax requests are to/from my site?

Of course, I could use the referrer header, but they could easily fake it.

+5
1 answer

Set a cookie on the client when it hits your site before it sends any Ajax requests.

Then confirm the cookie when serving Ajax.

Or, alternatively, you can make only Ajax POST requests. That way, they are subject to the same-origin policy.

This will break the whole RESTful ideology.

http://en.wikipedia.org/wiki/Same_origin_policy

+5
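The cookie check described in the answer, as an added sketch that is not part of the original post: the server signs a timestamped value with HMAC when a page is loaded and rejects Ajax requests whose cookie is missing, altered or expired. The cookie name, lifetime and function names are assumptions made for illustration. The check shows only that the client loaded a page from the site first; a non-browser client that performs the same page load receives a valid cookie too.

```python
import hashlib
import hmac
import secrets
import time

SECRET = secrets.token_bytes(32)  # server-side signing key (assumed; load from config in practice)
MAX_AGE = 1800                    # seconds a page-load cookie stays valid (assumed value)
COOKIE = "page_token"             # hypothetical cookie name


def _sign(payload, key):
    """Hex HMAC-SHA256 of the payload under the server key."""
    return hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()


def issue_token(key=SECRET, now=None):
    """Cookie value to set when the client first loads a page of the site."""
    issued = int(time.time() if now is None else now)
    payload = f"{issued}.{secrets.token_hex(8)}"
    return f"{payload}.{_sign(payload, key)}"


def verify_token(token, key=SECRET, now=None):
    """True only for an unexpired token that carries a valid server signature."""
    try:
        issued, nonce, sig = token.split(".")
        age = (time.time() if now is None else now) - int(issued)
    except ValueError:
        return False  # wrong number of fields or non-numeric timestamp
    expected = _sign(f"{issued}.{nonce}", key)
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    return hmac.compare_digest(sig.encode(), expected.encode()) and 0 <= age <= MAX_AGE


def handle_ajax(cookies, key=SECRET, now=None):
    """HTTP status for an Ajax request: 200 if the cookie checks out, else 403."""
    return 200 if verify_token(cookies.get(COOKIE, ""), key, now) else 403
```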
