从CakePHP URL中删除ID? [英] Removing ID from CakePHP URL?
问题描述
Shoddy?这是标准的做法和一个完美的解决方案,在URL中有ids。查看您问题的网址:
http://stackoverflow.com/questions/4638262/removing-id-from- cakephp-url
^^^^^^^
id
在网址中显示ID绝对没有什么不安全。这只是一个数字,不意味着什么。如果用户只能通过了解此ID才能执行不良操作,则您的应用会损坏并且不安全,而不是id传递机制。
尝试解决这个方案意味着解决HTML协议的基本原理,并打开一个全新的蠕虫病毒。
Hey guys! Working on a new Cake app and wondering if there is anyway for me to remove the ID-in-URL routing from Cake. Perhaps by passing the ID in POST somehow? Having the ID passed in as a URL param just seems really shoddy and unsafe. Thanks!
"Shoddy"? It's standard practice and a perfectly fine solution to have ids in the URL. Look at the URL of your question:
http://stackoverflow.com/questions/4638262/removing-id-from-cakephp-url
^^^^^^^
id
Also, there's absolutely nothing unsafe about showing an id in a URL. It's just a number that doesn't mean anything. If a user can do something "bad" only by knowing this id, your app is broken and insecure, not the id-passing mechanism.
Trying to work around this scheme means working around the fundamental principle of the HTML protocol and opens up a whole new can of worms.
这篇关于从CakePHP URL中删除ID?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!