Check if a API's connection is secure

Hi,

I am working on a project where users have to use a form to log in (email + password).

Before using POST to send the data to my API, I was wondering if there is a way for me to check if the link between my app and the API is secure.

Thanks!

Hey @yrimbaud,

What do you mean by “secure” in this context? Are you using https? That’s one layer of security.

If you’re trying to check the integrity of the network you’re connecting on… that’s a different case entirety.

What sort of app are you building?

1 Like

Thanks for your quick reply.

I am already using HTTPS.

Before sending data to a specific URL, I want to make sure that the connection between the user and the server is secure. If not, I would like to be able to detect it.

hey @yrimbaud the site from where you get api google can see if the site is secure or not go to the website again and see if google is telling it is secure or not

That’s an awful solution that you are suggesting! :frowning:

If I check myself, it might tell me it is safe. However, it does not mean it will be safe for all users. I am trying to prevent man-in-the-middle attacks.

Let me rephrase my initial question: is it possible to check if the SSL handshake was successful?

Thanks.

I found a solution, maybe it might help future readers.

I created an HTML file on my server that contains JavaScript.

var isSecure = window.isSecureContext

I am using the Web_Viewer feature that allows us to receive messages from the page. If I receive “true”, then, I know I can continue and start sending/receiving data in secure context.

Et voilà !

1 Like