I have an API for User Login, but while doing the AJAX in the front end, Im exposing sensitive parameters like; merchant id, etc. What I want to know is if I can host a PHP script which my Front End can pass parameters to, then for that PHP script to do the AJAX and include the sensitive parameters so users wont see them.
This is my front end AJAX, I want to hide these parameters in the PHP:
$.ajax({
url: 'http://api.com/api',
type: "POST",
data: ({
'api_username': 'abc123', //keep this hidden.
'api_password': 'password', // keep this hidden.
'MODULE': 'Customer',
'FILTER[email]': $('#email').val(),
'FILTER[password]': $('#password').val(),
'COMMAND': 'validate',
'jsonResponse' : 'true',
'click': 'Display'
})
Aucun commentaire:
Enregistrer un commentaire