About is_ajax_request

#1
Hi! I'm new to CodeIgniter, and I'm asking this question because I didn't find anything about it.

So, I made an add-comment system using Ajax in the view, which calls a function in my Post controller. I saw that if I went to "localhost/controller/function" I got a MySQL error because some fields were "NULL". So I inserted 
PHP Code:
$this->input->is_ajax_request() 
but I was asking myself: can I bypass this check in some way? Is this secure? Can it be spoofed? 

If you have some suggestions to protect my function, I'll learn something new :P
Best regards!

#2
Yes, it can be bypassed (easily spoofed). You don't want to use it for security. That said, you wouldn't normally show a link to that URI, so it's not likely anyone will go there. You should do some validation before making the MySQL query, because you should be rejecting NULL before allowing a query.

#3
(07-17-2017, 03:23 PM)skunkbad Wrote: Yes, it can be bypassed (easily spoofed). You don't want to use it for security. That said, you wouldn't normally show a link to that URI, so it's not likely anyone will go there. You should do some validation before making the MySQL query, because you should be rejecting NULL before allowing a query.

Agreed, I would add that if you're approaching this from a security perspective you should assume that anyone with malicious intent will visit that page even if your regular users are unlikely to. 

If it's causing MySQL errors you should account for the data being sent to that URI (or the lack thereof) and perform some validation so your SQL query doesn't even get executed unless all required data is supplied in the right format that you expect from the front-end.

It's also good practice to turn off errors being sent to the browser on your production environment, although this does not stand in for making your application secure by any means as you can perform SQL injection and other attacks 'blind' with enough effort.

#4
Thank you for your replies.
Yeah, I didn't add a check in the MySQL part because I was testing everything; obviously I'll fix that.

Another question: is there some way to hide the Ajax request link, or the entire JS script? And about the CSRF: to make the Ajax request I disabled the CSRF regenerate; is that secure? Or must I insert some data in the Ajax request as my CSRF token? Thank you!

#5
(07-18-2017, 03:10 AM)theedo Wrote: Another question: is there some way to hide the Ajax request link, or the entire JS script? And about the CSRF: to make the Ajax request I disabled the CSRF regenerate; is that secure? Or must I insert some data in the Ajax request as my CSRF token? Thank you!

I think that you must use the maximum of security verifications. Then enable the CSRF Regenerate.

To use the CSRF token dynamically you can get it on every submission. Or assign it to a meta tag.

Some time ago I created a project doing it. Perhaps these lines can help: https://github.com/natanfelles/codeignit...e.php#L114
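An added example (not code from the thread or from the linked project) that puts replies #2, #3 and #5 together in one CodeIgniter 3 controller action: the is_ajax_request() check is kept only as a convenience, every field is validated before any query is built, and each JSON reply returns the regenerated CSRF token for the page to store in its meta tag. The `Post` controller, the `comments` table and its `post_id`/`body` columns are assumed names, and the config values named in the comment are assumed to be set.

```php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
// Hypothetical CodeIgniter 3 controller for the Ajax "add comment" endpoint.
// Assumes a `comments` table with `post_id` and `body` columns, and that
// application/config/config.php sets csrf_protection and csrf_regenerate to TRUE.
class Post extends CI_Controller
{
    public function add_comment()
    {
        // is_ajax_request() only looks at the X-Requested-With header, which any
        // client can set: a convenience (no HTML page for non-Ajax callers), not an access control.
        if ( ! $this->input->is_ajax_request()) {
            show_404();
        }
        // Validate before any query is built: missing or malformed fields are
        // rejected here instead of reaching MySQL as NULL.
        $this->load->library('form_validation');
        $this->form_validation->set_rules('post_id', 'Post', 'required|integer');
        $this->form_validation->set_rules('body', 'Comment', 'required|max_length[1000]');

        if ($this->form_validation->run() === FALSE) {
            $this->json(array('ok' => FALSE, 'errors' => $this->form_validation->error_array()), 400);
            return;
        }
        // Query Builder escapes the values. The CSRF token check already ran in the
        // Security class before this method was reached; a missing or stale token
        // never gets this far.
        $this->db->insert('comments', array(
            'post_id' => (int) $this->input->post('post_id'),
            'body'    => $this->input->post('body'),
        ));

        $this->json(array('ok' => TRUE));
    }

    // Every JSON reply carries the current CSRF token name and hash. With
    // csrf_regenerate on, the hash changes per request, so the page's JavaScript
    // should copy these into its <meta name="csrf-token"> tag (or hidden field)
    // before the next submission instead of reusing the old one.
    private function json(array $data, $status = 200)
    {
        $data['csrf_name'] = $this->security->get_csrf_token_name();
        $data['csrf_hash'] = $this->security->get_csrf_hash();
        $this->output->set_status_header($status)
                     ->set_content_type('application/json')
                     ->set_output(json_encode($data));
    }
}
```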

#6
(07-18-2017, 07:37 AM)natanfelles Wrote:
(07-18-2017, 03:10 AM)theedo Wrote: Another question: is there some way to hide the Ajax request link, or the entire JS script? And about the CSRF: to make the Ajax request I disabled the CSRF regenerate; is that secure? Or must I insert some data in the Ajax request as my CSRF token? Thank you!

I think that you must use the maximum of security verifications. Then enable the CSRF Regenerate.

To use the CSRF token dynamically you can get it on every submission. Or assign it to a meta tag.

Some time ago I created a project doing it. Perhaps these lines can help: https://github.com/natanfelles/codeignit...e.php#L114

Thank you!