| Anyone validating URLS passed to your app??? |
[eluser]mindprojects[/eluser]
Hi guys! I was wondering if anyone has used before some kind of url validation in a web app,as such as appliying an md5 string to the url to validate the url itself avoiding a user to modify it hand by hand. Suppose we are editing a post(id is 10) belonging to a user 'Pippo' passing the url: http://myapp/post/edit/10; I want to avoid that a user can modify this url appending the id of another user post. Obviously i should che it in my edit function,if the user can edit this post,but,why not appending an md5 string to the url itself,where the md5 = md5(uri string + my secret)? The result url would be: http://myapp/post/edit/10/mdf3fef443fwerw....(32chars) Is it a good idea? Thanks guys,any suggestion? |
| Messages In This Thread |
|
Anyone validating URLS passed to your app??? - by El Forum - 11-05-2008, 04:56 AM
Anyone validating URLS passed to your app??? - by El Forum - 11-05-2008, 06:14 AM
Anyone validating URLS passed to your app??? - by El Forum - 11-05-2008, 06:39 AM
Anyone validating URLS passed to your app??? - by El Forum - 11-05-2008, 07:56 AM
|
