I am searching for help. I have done a research of an Ionic app from a costumer. On iOS I found an open port (8080) on localhost and do some investigation. I have created a port-forwarding to communicate with this service from outside. The application give me all the requested and found files. So I’ve decided to write a owe Ionic application to have a better overview about the possibilities and configurations. Then I realized that my app give me a “401 Unauthorized” with the same setup. So I quickly check the request headers and saw that the User-Agent included a secret key. I have installed the same versions of Ionic as the customer.
So here is my questions: What do the costumer wrong? Why my app have a secret in the User-Agent and why the costumers app doesn’t have a secret in the User-Agent?