What feature or enhancement are you suggesting?
Please feel free to close if you don't think it is relevant.
But, since this repo is primarily a crypto repo, I thought I'd be nice to include some useful security features such as ssl pinning.
As you'd know, clients that make direct https calls to API providers would need to likely include an API key. It is not always practical to send this call via backend. Storing it in SecureStore or another encrypted storage doesn't help the case at all, since it is attached as part of the network headers.
Without SSL pinning anyone with burpsuite intercepting the outgoing request can gain access to these credentials.
What Platforms whould this feature/enhancement affect?
Both
Alternatives/Workarounds
I'd have to use react-native-ssl-pinning
Additional information
What feature or enhancement are you suggesting?
Please feel free to close if you don't think it is relevant.
But, since this repo is primarily a crypto repo, I thought I'd be nice to include some useful security features such as ssl pinning.
As you'd know, clients that make direct
httpscalls to API providers would need to likely include an API key. It is not always practical to send this call via backend. Storing it in SecureStore or another encrypted storage doesn't help the case at all, since it is attached as part of the network headers.Without SSL pinning anyone with burpsuite intercepting the outgoing request can gain access to these credentials.
What Platforms whould this feature/enhancement affect?
Both
Alternatives/Workarounds
I'd have to use react-native-ssl-pinning
Additional information