Strategy to Verify Python Program is POST'ing to a web server.
Steven D'Aprano
steve+comp.lang.python at pearwood.info
Sun Jun 19 08:03:02 EDT 2011
On Sun, 19 Jun 2011 05:47:30 +0100, Nobody wrote:
> On Sat, 18 Jun 2011 04:34:55 -0700, mzagursk at gmail.com wrote:
>
>> I am wondering what your strategies are for ensuring that data
>> transmitted to a website via a python program is indeed from that
>> program, and not from someone submitting POST data using some other
>> means.
>
>> Any remedy?
>
> Supply the client with tamper-proof hardware containing a private key.
Is that resistant to man-in-the-middle attacks by somebody with a packet
sniffer watching the traffic between the device and the website?
> Either that, or just accept that it cannot be done. Compare the amount
> of effort game developers put into trying to implement tamper-proofing
> in software with how little success they've had.
Exactly.
--
Steven
More information about the Python-list
mailing list