• Join FlightAware (Why Join?)
• Login
• Username or E-mail address Password Login

  Join FlightAware (Free Registration) | Forgot Username/Password Cancel
• العربية Čeština Deutsch English (Australia) English (Canada) English (UK) English (USA) Español (España) Español Suomi Français (Canada) Français (France) עִבְרִית हिन्दी Hrvatski Italiano 日本語 한국어 Nederlands Polski Português (Brasil) Português (Portugal) Русский Svenska Türkçe 中文(简体) 中文(香港) 中文(台灣)

   

View unanswered posts | View active topics

Page 1 of 1

[ 3 posts ]

Print view Previous topic | Next topic

Author	Message
airportpickupapp	Post subject: FlightXML Alert Remote Host Posted: Wed Mar 07, 2012 1:44 am
Joined: Tue Jan 31, 2012 11:42 pm Posts: 40	When receiving POST callbacks to my server endpoint from FlightXML for incoming flight alerts, I want to authenticate the request so that I know it is coming from FlightAware rather than just blindly trusting incoming POST data. Any suggestions on how I could do that? User-Agent could easily be spoofed. Can the remote IP posting to my server be relied on to stay constant, or are there a number of IPs that could post to me?
Top

mduell	Post subject: Re: FlightXML Alert Remote Host Posted: Wed Mar 07, 2012 11:23 am
Joined: Wed Jul 27, 2005 3:00 pm Posts: 4710 Location: FAWHQ	In the short term the best option is probably checking the remote IP. Our current IP ranges are: 216.52.171.64/26 70.42.6.128/25 2600:0C13:1002:0004::/64 72.251.200.64/26 89.151.84.224/28 We've discussed using client-side SSL certificates in the future but have no planned implementation date.
Top

airportpickupapp	Post subject: Re: FlightXML Alert Remote Host Posted: Wed Mar 07, 2012 5:39 pm
Joined: Tue Jan 31, 2012 11:42 pm Posts: 40	Thanks, I've implemented remote IP checking for now.
Top

Display posts from previous: All posts1 day7 days2 weeks1 month3 months6 months1 year Sort by AuthorPost timeSubject AscendingDescending

Page 1 of 1

[ 3 posts ]