1) I have java scrip chart on one page, it bind data in java script on client side. the binding are expose to client. I do not own the chart source code - but it is hosted on my server.
2) to get data i call, using ajax, to web handler to my server and get data from that handler - simple text (ashx).
here is the problem how to protect my data in #2 so that no thief can get my data.
Chart page is available to public use, no log in require.
Here is my current idea.
1) may be generate some encrypted key from server side , including in key, current time, user ip and unique id etc.
2) when call for data server see it. save the key in data server.
- 2.1 if then user come again using same ip - but different unique id, then i block access to older key.
- 2.1. a user however may never refresh page - then how to handle this??
- 2.2. can 2 users have the same ip???
- 2.3. i will have tons of older key to block the thief users.
1) when user open a page send user id to data server - set expire time there
2) if key expire then data server will block that key
2.1.a user again may never refresh page and i may end up block legitimate users.
Who has some clever idea.