• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.


John Oliv

Oct 23, 2022
Hi, I have question regarding my future app. Need expertise solution regarding how to avoid http capture, nowadays there are many people who is trying to leak our API.

I was just thinking about setting http request authorization in my backend (php).

However, the question is. Is it safe to do? Does development app such as HTTP CRANARY will also capture our request authorization since it is part of http request.
Using HTTP basic authentication (i.e., adding an Authorization header to your HTTP requests) can help secure your API by requiring a valid username and password for each request. However, it is important to note that HTTP basic authentication is transmitted in plain text and can be easily captured by anyone who has access to the network traffic.

To make it more secure, you can use HTTPS (HTTP Secure) instead of HTTP. HTTPS encrypts the communication between the client and the server, making it more difficult for third parties to intercept or modify the traffic.

Additionally, you can consider implementing other security measures such as:

  1. Using API keys: You can use API keys to authenticate API requests. API keys are unique strings that are associated with a specific API client. You can use API keys to track and control the usage of your API.

  2. Using OAuth: OAuth (Open Authorization) is a standardized authorization framework that allows users to grant third-party applications access to their resources without sharing their passwords. OAuth is commonly used for authorization in APIs.

  3. Implementing rate limiting: You can use rate limiting to limit the number of API requests that a client can make within a specific time period. This can help prevent abuse and denial of service attacks.
I hope these suggestions help you secure your API. Let me know if you have any questions.
Upvote 0


We've been tracking upcoming products and ranking the best tech since 2007. Thanks for trusting our opinion: we get rewarded through affiliate links that earn us a commission and we invite you to learn more about us.