Hello,
I have a doubt , when I develop an app that run a encryption algorithm , this algorithm run first on the client computer and the send the data to server , or is executed directly on server , enabling interception of the plain text?
Thanks,
Gab dlm wrote in post #1121158:
Hello,
I have a doubt , when I develop an app that run a encryption algorithm , this algorithm run first on the client computer and the send the data to server , or is executed directly on server , enabling interception of the plain text?
I'm sorry, I don't really understand your question. All of the things you mention are possible. It depends on where the encryption is performed. Encryption can be done on the client using JavaScript or it can be done on the server using Ruby.
If you are worried about someone intercepting the page content displayed by the browser then that's the exact purpose of SSL/TLS. Everything the user would see in their browser window gets encrypted before egress onto the Internet and is only decrypted once it reaches the server. No one intercepting the traffic sent between the client browser and the web server can read anything. All they will capture will be pseudo-random noise.
Give us specifics about what you are tying to do and we can tell you the best solution for that scenario.
