-2

I have a website with an online keyboard. Essentially people can type on this online keyboard and send messages worldwide.

My problem is users can easily intercept the POST network call to the backend and send down any message they want from their physical keyboard. I want to ensure that only input from the online keyboard is accepted.

I have a few things in place to stop users from modify the messages so far.

  • The only accepted characters are the keys found on the online keyboard.

  • Invisible captcha is being used to stop spam messages. Ensuring every messages needs a new token to be posted.

  • I check that the character frequency generated from the online keyboard matches the message being sent.

What else could I do? I've thought about generating a unique token based on the key presses by the online keyboard that could be verified by my backend service but I'm not exactly sure how to go about doing this properly.

Any advice or other suggestions?

Improve this question
2
  • 3
    You can make alternative inputs more difficult, but you cannot 100% prevent it. The web is an open platform with users in control of their browsers. You can check that a HTTP request was made on behalf of a particular user, but not how the user made the request. If you need stronger control of the user interface, you'll have to use a locked down platform with DRM features like Apple iOS. Commented Dec 23, 2024 at 13:12
  • Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Commented Dec 24, 2024 at 7:03

1 Answer 1

Reset to default
-2

To make certain only messages out of your on-line keyboard are widely wide-spread, you may beautify protection by means of producing a unique token for every keypress. This token would be tied to the person's session and validated on the backend to verify the message became typed on the keyboard. Additionally, use HTTPS for stable communique, implement price-limiting to damn unsolicited mail, and reveal unusual styles like speedy typing speeds. Combining those steps together with your current checks will make your machine a lot harder to pass.

Improve this answer
1
  • As it’s currently written, your answer is unclear. Please edit to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers in the help center. Commented Dec 24, 2024 at 7:04

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.