Quote:
|
Originally Posted by dansays
I'm far from the world's leading crypto expert, but might you be able to do some sort of initial cookie-based "pairing" with the iPhone on the LAN? Have OF check the IP of the request, and if it's on the same subnet, give it a token. Whenever the client subsequently tries to request a page outside the local subnet, hash the token against the current time, pass it back to OmniFocus, who in turn verifies the validity of the token. (Like I said, I'm not a crypto guy, so apologies if some of the terminology is confusing.)
|
The only problem is that cookies are passed as text in the clear so anyone snooping would be able to fake the cookie pretty easily.