Removing content from the database, security precautions
UPDATE:
I added the CSRF protection like Berdir told me, with the help of the link below, to make my application work again. However, I'm not quite sure what I did right now :D How is this going to make my app more secure? I'm particularly bothered by the fact that I'm now getting a cookie value in my ajax code, because I have to pass it with my ajax call, otherwise it just doesn't work. Doesn't this give away some crucial information about the cookie? Or am I just being paranoid? Thanks!
http://aymsystems.com/ajax-csrf-protection-codeigniter-20
//old
Hi.
In this web app I'm building, I have a functionality to add 'tips and tricks' about certain subjects. These pages can be added only by accounts with the admin role. However, I also want the ability to remove these pages. (Always handy, right?) Since I'm using CodeIgniter, I was thinking of just making a controller function which takes an ID and passes this ID to the model, where the page corresponding to that ID would get deleted from the database.
Just to make this clear:
Controller:
public function del_content($id)
{
    // hand the id to the model, which does the actual database work
    $this->content_model->del_content($id);
}
Model:
public function del_content($id)
{
    // database code which I can't be bothered to look up now
    // something like $this->db->where(), $this->db->delete()
    $this->db->where('id', (int) $id);
    $this->db->delete('content');      // table name 'content' is assumed; the question does not name it
    return $this->db->affected_rows(); // 1 when a row was removed, 0 when no such id existed
}
This is all really simple, but I'm scared that it might be too simple. This doesn't really seem oh so very secure to me, does it? Since you would be able to call the function from the URL address bar in your browser, you could basically remove the whole content table through that. (Since you'd be doing http://mywebsite/controller/del_content/3 for the item with ID 3). Of course, only administrator accounts would have access to that function, but still..
I have never programmed anything like this before and thus never had to think about the security measures I should take in this case. Would anyone be kind enough to give me some things I should keep an eye out for and perhaps some ideas, suggestions, on how to make this more secure?
Thanks a lot!
Comments (1)
What you need to protect against are CSRF attacks. Put simply, they are attacks which trick administrators into visiting a certain URL by GET or POST request.
The typical way to do that is tokens. When generating the link or form that points to the delete action, you generate a token that you send to the client (either as a hidden form field or as part of the GET URL), and also store it on the server for the current session. When that action is executed, you compare the submitted and the stored token and only continue if they match.
Many frameworks/systems have this built in in some way; for example, all forms generated with the Form API in Drupal are protected against such attacks.
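The token scheme the answer describes, written out as an added CodeIgniter-style controller for the question's delete action (my example, not code from the question, the answer, or CodeIgniter itself). It assumes CodeIgniter's built-in CSRF filter is switched on in config.php, that the session holds an `is_admin` flag set at login, and that the model's `del_content()` returns the number of deleted rows.

```php
<?php
// application/config/config.php (assumed path): $config['csrf_protection'] = TRUE;
// turns on CodeIgniter's CSRF filter. Every POST must then carry the token that
// CI also keeps in a cookie; a page on another origin can submit a form but
// cannot read that cookie, so it cannot supply a matching token.
class Content extends CI_Controller
{
    public function __construct()
    {
        parent::__construct();
        $this->load->model('content_model');
        $this->load->library('session');
        $this->load->helper('url');

        // Authorisation comes first: 'is_admin' is an assumed session key set at login.
        if ($this->session->userdata('is_admin') !== TRUE) {
            show_error('Admin role required', 403);
        }
    }

    // Render a confirmation form. The token name and value come from CI's own
    // helpers rather than being hard-coded, so the form stays valid when the
    // token is regenerated.
    public function confirm_delete($id)
    {
        $data = array(
            'id'         => (int) $id,
            'token_name' => $this->security->get_csrf_token_name(),
            'token_hash' => $this->security->get_csrf_hash(),
        );
        $this->load->view('content/confirm_delete', $data); // assumed view file
    }

    // The state-changing action: POST only, with the id taken from the request
    // body, not the URL. A plain link (GET) cannot reach the delete, and a
    // forged POST without the token is rejected by the CSRF filter before
    // this method runs.
    public function del_content()
    {
        if ($this->input->server('REQUEST_METHOD') !== 'POST') {
            show_error('Method not allowed', 405);
        }
        $id = (int) $this->input->post('id');
        if ($id <= 0 || $this->content_model->del_content($id) !== 1) {
            show_404();
        }
        redirect('content');
    }
}
```

The view places the pair in the form as `<input type="hidden" name="<?php echo $token_name; ?>" value="<?php echo $token_hash; ?>">`, and an AJAX caller sends the same name/value as a POST field, which is why the token appears in client-side code. The protection rests on a cross-origin page being unable to read the cookie, not on the value being hidden from the logged-in user.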