August 2017
Intermediate to advanced
330 pages
7h 26m
English
Content preview from Mastering ASP.NET Web API
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Applying SSL
When the web API requests and responses are transmitted over the internet (HTTP), we may encrypt the password, but the rest of the application data is exposed to the internet. The man in the middle can place an in-between client application and web API application to read those values.
It is very likely to see data being transmitted when the connection is unsecured; to overcome this, we can encrypt the connection using SSL (Secured Sockets Layer) using HTTPS. When this is applied, the communication with web API should take place using HTTPS instead of HTTP.
In ASP.NET Core, SSL can be enforced using the RequireHttps attribute, or enabled globally by applying a filter to IServiceCollection. As our intention is to make an entire ...