I currently have the following functional html which makes a call to my back-end REST API to download a file:
<a href="api/downloadFile" download="file.txt">Download File</a>
I would like to use a password to protect this kind of request. My website is HTTPS. Will the password be encrypted if I make my back-end api download the file for the following href: "api/downloadFile/{password}"?
The password would be read from the user and dynamically placed in the href like so:
<a href="api/downloadFile/passwordFromUser" download="file.txt">Download File</a>
答案 0 :(得分:0)
是的,密码将被加密。只有中间人才能看到域名。
但该链接将显示在您服务器的访问日志中。因此,您将记录用户密码。