Enforcing Facebook Authentication: Client-side and server-side?
This is a legitimate concern because you are in violation of CWE-603: Use of Client-Side Authentication . Encryption cannot help this station because a malicious client will be able to obtain any secret.
I just spent a ton of time trying to figure this one out! I know this is an old question, but hopefully it will be useful to you still or at least someone else.
I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.
Related Questions
Mixing client-side authentication with server-side authentication?
Sharepoint web services — The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM?
Facebook access token: server-side vs client-side flows?
How to confirm client-side Facebook app login from server side?
Check Facebook login status: Client side vs Server side?
Server-side authentication with ssl: sending certificate file from client?