Securing API data: Utilizing encryption techniques in express and nuxtjs to deter scraping efforts

I'm looking for a secure way to encrypt my API data in order to prevent users from viewing it in the network tab or as plain text within objects like window.__nuxt__.

Currently, I am following these steps:

  1. Encrypting data on the back-end using a secret string (like a password)
  2. Sending the encrypted data to the front-end
  3. Decrypting it on the client-side using the same password used in the back-end

However, I have encountered an issue: The decryption function can potentially be accessed by inspecting the bundled JavaScript files in the browser.

Even though the function is obfuscated, it could still be reverse-engineered. Additionally, since the password is embedded within the function (as there are no process.env variables available on the client-side), there is a risk of unauthorized access to the data.

What would be the most effective method to mitigate this risk?

I am aware that the data will eventually be visible in the browser, but I aim to prevent it from appearing as plain text.

For reference, I am utilizing Express in the back-end and NuxtJS in the front-end.

javascriptexpresscryptographynuxt.js

Answer №1

There is no foolproof way to stop this from happening. The best you can do is add layers of complexity.

In the end, if the user can see the data in their browser, it can be retrieved from the DOM. If you want the user to view the information, you will need to provide all the necessary code to decrypt the encrypted data.

You may try to obscure the code, but an attacker doesn't necessarily have to reverse engineer it to access the data – they could simply execute it instead.

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

What are some ways to calculate the average of data values in a Vue v-simple-table?

I am working with a v-simple-table. The "TotalAverage" value represents the total average of "ggFinalgrade". How can I retrieve this value? View current image The image I want to display The initial value is 20 calculated as (30+20+10)/3=20 The seco ...

javascriptvue.jsvuetify.js

Odd gap beside Bootstrap5 navbar that needs fixing

While working on a layout featuring a left-sided nav-bar menu, I encountered an odd blank space between the navbar and the main content area. Can anyone shed light on why this space appears and how to eliminate it? For reference, here is the code snippet: ...

javascripthtmlcssbootstrap-5

Having trouble with the CSS positioning of divs created with JavaScript: it's not behaving as anticipated

Let me start by saying I have always struggled with CSS positioning. It seems like I am missing something simple here... So, I have a JS script that generates divs within a parent container called #container which is set to absolute position. Here is the ...

cssjavascript

Error Message Missing from Google Cloud Function Response

In my Google Cloud function code, I have encountered an issue where the status changes to 400 when there is an error creating a new user. However, on the client side, I always receive an "Error: invalid-argument" message regardless of the actual error from ...

javascriptnode.jsfirebasegoogle-cloud-functionshttp-status-codes

After deploying to Firebase, animations suddenly cease to function

After running npm run-script build and deploying my React app to Firebase hosting with firebase deploy, I encountered an issue where my animations stopped working. I'm puzzled as to why this is happening, especially since I've included keyframes ...

javascriptcssnpmweb-deploymentfirebase-hosting

What is the syntax for calling a constructor using "require"? Is it "require(module)(CONSTRUCTOR)"?

I am facing the following issue: I am trying to instantiate my constructor in this way: var object = require('module')([params]); The code for the module looks like this: function FunctionName(param) { // function body.. } exports = mod ...

javascriptnode.jsrequire

Is it possible to use Express.js in conjunction with Node.js net to set up a TCP protocol listener?

Currently in the process of developing a chat server with expressjs. I was wondering if it is feasible to utilize both expressjs and the nodejs net module for the application in order to have it listen on tcp port 7677 for incoming messages. Appreciate a ...

node.jsexpress

Creating point illustrations with Three.js

Looking to incorporate random points into a web project using Three.js. Here's the current code: <script type="module"> import * as THREE from 'https://threejs.org/build/three.module.js'; import { TrackballControls ...

javascriptthree.js

A step-by-step guide on deleting an element within a div using jQuery

I am attempting to delete an HTML element using JQuery like this $('#' + divId + ' .settings_class').remove('.print_settings'); This code does not result in an error or remove the specified html element, however, the selecto ...

javascriptjqueryhtml

Fresh Redux shop in stealth mode

I am managing a Single Page Application using React and Redux. Some customers have expressed interest in keeping two separate instances open with distinct credentials (one in normal view and one in incognito mode on Chrome). As both instances can access t ...

javascriptreactjsgoogle-chromereduxincognito-mode

Utilizing ReactJS to dynamically display various content based on onclick event

Is it possible to dynamically display different content based on button clicks? I want to create a schedule where clicking on specific days like Monday will reveal exercises and timings only for that day. The same goes for Thursday and other days. You ca ...

javascriptreactjs

Showing how to make an element visible in Selenium and Python for file uploading

Check out this HTML snippet: <div class="ia-ControlledFilePicker"><input class="ia-ControlledFilePicker-control icl-u-visuallyHidden" type="file" id="ia-FilePicker"><label class="ia-ControlledFilePicker-fakeControl" for="ia-FilePicker">C ...

javascriptpythonpython-3.xseleniumselenium-chromedriver

Attempting to loop through a JSON data structure in a React component

Trying to add a toggle checkbox for each JSON value present. Here is an example of the json object pertaining to element { "sourceIP": { "Primary": ["237.100.100.3", "238.0.4.8"], "Secondary": ["237.0.1.178", "237.1.1.91"] }, " ...

javascriptjsonreactjs

Uncovering the Power of Shadow DOM within HTML

Lately, I've noticed a lot of buzz surrounding Shadow DOM. During a video I watched about the launch of Angular 2, the speaker kept mentioning Shadow DOM without much explanation. Can someone clarify what exactly Shadow DOM refers to? ...

javascriptangularjshtmldom

Executing multiple server-side methods on an AJAX call in ASP.NET MVC: A comprehensive guide

I am facing a situation where I have a method that is called by jQuery, and its result is displayed on a popup. Sometimes, it takes some time to complete and a blank popup appears with processing message. When clicking on close, the popup disappears but th ...

javascriptjqueryajaxasp.net-mvc

In the year 2021, eliminate linked documents using mongoose/MongoDB middleware

After extensive research on stack overflow, I attempted various solutions for deleting referenced documents in MongoDB using node.js. Unfortunately, most of them either utilize deprecated methods or simply do not function as expected. Within my applicatio ...

javascriptnode.jsmongodbexpressmongoose

Unexpected error encountered with the release of Angular 2: "Module import of 'ElementRef' resulted in an unexpected value"

After upgrading to Angular 2, I encountered an error related to ElementRef. Initially, I received the error message Angular2 RC5 error:zone.js: Unhandled Promise rejection: No provider for ElementRef which was discussed on this thread. I adjusted my code a ...

javascriptangular

Expressing the relationship between API endpoints in a nested structure

I'm currently working on a REST API using expressjs. There are two api endpoints that I have defined: router.get('/probe/:id', function() {}); router.get('/:id', function() {}); However, I am facing an issue where calling the fir ...

javascriptnode.jsexpress

Tips on implementing JSON data into select2 plugin

I have been trying to integrate the select2 plugin into my project. I followed a tutorial from this link, but unfortunately, it's not functioning properly for me. Here is the JSON output: [ {"ime":"BioPlex TM"}, {"ime":"Aegis sym agrilla"}, ...

javascriptjqueryajaxjsonjquery-select2

Incorporating a delay into looped HTTP requests while effectively utilizing Promise.all to track their completion

Greetings! In my current project, I am trying to introduce a 50ms delay before each subsequent HTTP request is sent to the server. Additionally, I aim to incorporate a functionality that triggers after all requests have been successfully made. To better e ...

javascriptnode.jshttpexpress