Hi Vafa,
No, not really a security freak. Don’t ever push your HMAC to a client. It
will instantly break security.
Create a small server function that calculates a SHA on behalf of the
browser. Put that function in your public part.
Make sure it only responses to requests from your own domain.
then you can use it in your angular app something like:
$http.get('getSHA',dataNeededToGenerateSHAminusHMAC).then(...)
Does that help you a bit?
Regards
Sander
--
You received this message because you are subscribed to the Google Groups
"AngularJS" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/angular.
For more options, visit https://groups.google.com/d/optout.
