防止URL中的跨站点请求伪造 [英] preventing cross site request forgery in the url
问题描述
我想我了解CSRF,以及如何使用表单键来防止这种情况发生,但这仅对来自表单的POST数据有用,对吧?在我的网站上,我让登录用户单击删除按钮删除一些项目,该按钮将其发送到delete.php?id = {item_id}。
I think I understand CSRF and how using form keys can prevent that, but this is can only be useful for POST data coming from a form, right? In my website I let logged in users delete some items by clicking on a Delete button which sends them to delete.php?id={item_id}.
在delete.php上我检查该项目是否属于用户,如果超过,则脚本将其删除。
如何停止其他站点发布链接,如www.mysite.com/delete.php?id=3。我了解攻击者必须猜测我的身份。
On delete.php I check if the item belongs to the user, if it does than the script deletes it. How can I stop some other site posting a link like www.mysite.com/delete.php?id=3. I understand that the attacker will have to guess the id in my case.
但是,总的来说,如何停止CSRF来获取GET数据或url中的数据?
But in general, how do you stop CSRF for GET data or data in a url?
另外,使用img标签或锚标签进行CSRF的攻击者和它们与Get和Post数据有何关系?
Also what is the difference between an attacker using an img tag or a anchor tag for doing CSRF and how do they relate to Get and Post data?
非常感谢,我对此表示感谢。
Thank you very much in advance and I will really appreciate any advice on this.
推荐答案
扩展根据我的评论,
假设您使用的是cookie /会话来跟踪用户登录。只需将md5再次放在哈希上,然后确认即可即可。
Assuming you are using a cookie/session to keep track of user login. Simply md5 again on the hash and let that be your confirm.
if (isset($_GET['delete'] && md5($_COOKIE["PHPSESSID"])==$_GET['confirm'])) {
//delete something
}
然后为HTML声明:
<a href="www.mysite.com/delete.php?id=3&confirm=<?php echo md5($_COOKIE["PHPSESSID"]);?>">Delete</a>
这篇关于防止URL中的跨站点请求伪造的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!