How to protect a URL from a user changing one of param / value pairs?
Thank.
You can add the HMAC hash to the query string using a secure random key stored only on the server, and then check the hash for each request.
You can not.
You need to check them out. You must ensure that your page accepts only valid input for each of the parameters. "Valid" can mean many things, such as "Does the user have access to view this", etc.
.
You can not. This is by definition an external interface. If your security system depends on this, you should consider how to do it.
Protecting it and preventing change are two different things. You cannot stop them from changing it, but you can protect / check.
Source: https://habr.com/ru/post/1769058/More articles:https://translate.googleusercontent.com/translate_c?depth=1&pto=aue&rurl=translate.google.com&sl=ru&sp=nmt4&tl=en&u=https://fooobar.com/questions/1769053/git-blame-on-reorganized-svn-repository&usg=ALkJrhhsHMFseYjMnwQXlCU4cs__kXfo8wRotate the image to go to a well-known point using the compass heading - iphonesave and close visual documents visual basic macro - excel-vbaColor street in Android MapView? - androidПочему Arrays.toString(значения).trim() создает [текст в квадратных скобках]? - javaBODY tag with root level block - htmlError playing media files - androidХороший удаленный просмотрщик журнала Apache - browserHow to use multiprocessing with Java - NOT multithreading - javaПрокси-модели django - pythonAll Articles