我的 ASP.NET 代码的安全性如何?
我正在开发一个 ASP.NET 应用程序,它与 Google 地图交互并从数据库中检索标记信息。标记信息被分成数据库中的表,其中表的名称反映了公司(例如CompanyA_MarkerData、CompanyB_MarkerData 等)。为了使用新的标记数据定期更新地图,我在 JavaScript 中使用 setTimeout 定期调用“UpdateMarkers”JavaScript 函数。 “UpdateMarkers”调用 Web 服务,该服务执行数据库查询并将标记列表返回给 JavaScript,JavaScript 进而更新地图。
我使用此方法的主要问题是,我的 Web 服务要求我向其传递公司名称,以便它知道要访问数据库中的哪个表。正如您可以想象的那样,这会带来安全风险,因为任何人都可以将不同的公司名称传递给 Web 服务,并能够从其他公司以及他们自己的公司检索数据。
为了避免这个问题,我对我的程序进行了如下重构:当系统管理员为我的应用程序创建用户时,他们还可以为该用户分配一个公司ID。公司 ID 使用 ASP.NET 中的 Profile 对象存储。我将 Web 服务代码移至具有共享功能的类中,以便只能在我的页面内调用它们(但不能由任何人调用,就像 Web 服务一样)。这些函数仍然需要传递一个公司名称来传递给它们。然而,JavaScript 不会直接调用这些共享函数,而是调用一组页面方法(据我所知,这些方法不像 Web 服务那样公开)。然后,这些页面方法将使用 Profile 对象来检索附加到当前登录用户的公司名称,然后调用我的共享数据库函数并将信息返回给 JavaScript。
我认为第二种方法比第一种方法更安全,因为我不允许客户端将不同的选项传递给我的代码并检索未经授权的数据。服务器端代码计算出需要发送的参数。但是,我想知道是否有更好的方法来做到这一点,我错过了?
谢谢
--阿姆尔
I've developing an ASP.NET application that interfaces with Google Maps and retrieves marker information from a database. The marker information is split into tables in the database, where the name of the table reflects a company (e.g. CompanyA_MarkerData, CompanyB_MarkerData etc). In order to periodically update the map with new marker data, I use setTimeout in JavaScript to regularly call my 'UpdateMarkers' JavaScript function. 'UpdateMarkers' makes a call to a web service which performs the database query and returns a list of markers back to the JavaScript, which in turn updates the map.
The main issue I have with this method is that my web service requires that I pass it the name of the company so that it knows which table in the database to access. As you can imagine , this poses a security risk as anyone can pass a different company name to the web service and be able to retrieve the data from other companies, as well as their own.
In order to avoid this problem, I am restructuring my program as follows: When the system administrator creates users for my application, they can also assign a company ID to this user. The company ID is stored using the Profile object in ASP.NET. I am moving the web service code into a class with shared functions so that they can be called only within my pages (but not by anyone, like with web services). The functions will still require a company name passed to be passed to them. However, rather than the JavaScript making direct calls to these shared functions, the JavaScript will call a set of page methods (which as I understand it, are not public like web services). These page methods will then use the Profile object to retrieve the company name attached to the user currently logged in and then make a call to my shared database functions and return the info back to the JavaScript.
I think that this second method is more secure than the first, because I don't allow the client to pass different options to my code and retrieve unauthorized data. The server side code works out the parameters that need to be sent. However, I am wondering if there is a better way of doing this that I am missing out?
Thanks
--Amr
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您所需要的只是一种检查服务器端是否允许用户访问该公司数据的方法。
我假设您正在使用 AJAX,因为您说您正在使用 Javascript 从您自己的数据库中检索信息。因此,无论您调用哪个服务器端脚本/程序,都请将用户身份验证代码放在那里。
All you need is a method of checking server-side whether the user is allowed to access the data for that company.
I assume you're using AJAX, since you say you're retrieving information from your own database with Javascript. So whichever server-side script/program you call, put the user authentication code in there.