Strategy to Verify Python Program is POST'ing to a web server.

Steven D'Aprano steve+comp.lang.python at pearwood.info
Sun Jun 19 08:03:02 EDT 2011

• Previous message (by thread): Strategy to Verify Python Program is POST'ing to a web server.
• Next message (by thread): Strategy to Verify Python Program is POST'ing to a web server.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

On 2011年6月19日 05:47:30 +0100, Nobody wrote:
> On 2011年6月18日 04:34:55 -0700, mzagursk at gmail.com wrote:
>>> I am wondering what your strategies are for ensuring that data
>> transmitted to a website via a python program is indeed from that
>> program, and not from someone submitting POST data using some other
>> means.
>>> Any remedy?
>> Supply the client with tamper-proof hardware containing a private key.

Is that resistant to man-in-the-middle attacks by somebody with a packet 
sniffer watching the traffic between the device and the website?
> Either that, or just accept that it cannot be done. Compare the amount
> of effort game developers put into trying to implement tamper-proofing
> in software with how little success they've had.

Exactly.
-- 
Steven

---

• Previous message (by thread): Strategy to Verify Python Program is POST'ing to a web server.
• Next message (by thread): Strategy to Verify Python Program is POST'ing to a web server.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Python-list mailing list