XSRF 保护 GET .net mvc

发布于 2024-09-19 22:08:39 字数 113 浏览 17 评论 0原文

我有一个会显示敏感信息的网站。我正在使用防伪造令牌等来防止 POSTS 中的 XSRF。但是我担心有人能够通过 GET 查看敏感信息。在 .Net MVC 2 中保护通过 GET 发送的只读数据的建议做法是什么?

I have a site which will show sensitive information. I am using Anti Forgery Tokens etc to protect against XSRF in POSTS. However I am worried about someone being able to view sensitive info from a GET. What is the recommended practice for protecting read only data sent via a GET in .Net MVC 2?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

假面具 2024-09-26 22:08:40

如果您确定 GET 请求是只读的,那么您就无需担心 XSRF。仅使用 XSRF 不可能从其他网站窃取信息,因此您不需要通过令牌保护 URL。事实上,在 URL 中使用标记将导致无法使用书签。

话虽如此,您应该 100% 确定您的应用程序中不存在 XSS 漏洞。如果存在,攻击者就无需担心 XSRF 和不可预测的令牌。

If you are sure that GET requests are read-only, then you have nothing to worry from XSRF. Its not possible to steal information from another website using just XSRF, and so you don't need to protect urls via a token. In fact, using tokens in the URL is going to make it impossible to use bookmarks.

Having said that, you should be 100% sure there are no XSS vulnerabilities in your app. If there are, an attacker doesn't need to bother with XSRF and unpredictable tokens.

静谧 2024-09-26 22:08:40

POST 数据上的 XSRF 保护(使用您所说的令牌)也应该适用于 GET 数据。从黑客的角度来看,GET 伪造比 POST 伪造要容易得多(首先您只需发布一个链接,第二次您需要指向一个带有隐藏 iframe 和自动提交表单的恶意软件网站),但是如果检查令牌。

例子:
发布如下链接:

www.domain.tld/page.aspx?get=data&token=token_given_to_hacker

不应返回任何内容,或者对于那些获得其他令牌的人来说只是一个错误。这样就不会为错误的人采取敏感行动。

这就是xsrf,有了它你无法窃取信息,但可以让其他人提交表单并采取行动,结果只有黑客知道。例如:
将电子邮件表单上的电子邮件更改为黑客的电子邮件。假设您有一个 GET 表单,其中包含 1 个字段:新电子邮件(为了简单起见)。提交后,URL 如下所示:

www.domain.tld/[电子邮件受保护]

现在,如果黑客在您的论坛上发布了一个链接,其 URL 为:

www.domain.tld/[电子邮件受保护]

每个点击它的人都会收到一封来自黑客的新电子邮件。但是,如果您在那里放置一个令牌,并且每次都会检查它,则仅对那些在页面请求中给出相同令牌的人采取该操作,在这种情况下,该链接将仅对发布它的用户有效,没有其他人。

您还可以使用密码字段保护敏感表单,例如更改电子邮件、密码等。请注意,验证码在这里没有太大帮助。

The XSRF protection on POST data (using tokens like you said) should work on GET data as well. From a hacker's point of view a GET forgery is much easier than POST forgery (at the first you only post a link, at the second you need to point to a malware website with hidden iframe and autosubmit forms), but both of them fail if tokens are checked.

Example:
posting a link like this:

www.domain.tld/page.aspx?get=data&token=token_given_to_hacker

shouldn't return anything, or just an error for those who got other tokens. This way no sensitive action is made for the wrong people.

This is xsrf, with this you can't steal information, but make others submit forms and take action which result only the hackers know. For example:
Changing email, on an email form, to the email of the hacker. Let's assume you have a GET form, with 1 field: the new email (for the sake of simplicity). When submitted the URL looks like this:

www.domain.tld/[email protected]

Now, if a hacker posts a link on your forum with the URL:

www.domain.tld/[email protected]

Everyone who clicks on it, will get a new email, of the hackers. But if you put a token there, and you'll check it every time, the action will be taken only for those who's the same token was given on page request, in this case the link will work only for the user who posted it, and no one else.

You could also protect sensitive forms, like changing email, password and so on with a password field. Note, that captcha is not much of a help here.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文