Closed ronilaukkarinen closed 11 months ago
For aes encryption this is your friend
<!DOCTYPE html>
It also salts it afaics Regrettably we can't have the passphrase out in the open like that. (Which is an issue when trying to access the accesstoken from the aes... Kind of a catch22)
Pagecrypt by Max (AES) requires a defacto password entry, but asking ppl to enter a password is out of question.
Maybe if a php could supply the token from outside ? Their (non html component) code cannot be viewed.
Thanks for the thoughts. Yes, doesn’t really solve the fact it’s out in the open.
Maybe if a php could supply the token from outside
Thought about this, but don’t know yet how to pass it to the event stream.
Right now the token has only
read:statuses
permissions so no harm cannot be done by using it. But it is not a good thing to expose the API code anyway so need to figure out a better way to do this.