从CakePHP URL中删除ID？ [英] Removing ID from CakePHP URL?

问题描述

嘿，伙计们！工作在一个新的Cake应用程序，并想知道是否还有我要从Cake删除ID-in-URL路由。也许通过在POST中传递ID ID？将ID作为URL参数传递看起来真的很糟糕和不安全。谢谢！

解决方案

Shoddy？这是标准的做法和一个完美的解决方案，在URL中有ids。查看您问题的网址：

  http://stackoverflow.com/questions/4638262/removing-id-from- cakephp-url 
 ^^^^^^^ 
 id 
  

在网址中显示ID绝对没有什么不安全。这只是一个数字，不意味着什么。如果用户只能通过了解此ID才能执行不良操作，则您的应用会损坏并且不安全，而不是id传递机制。

尝试解决这个方案意味着解决HTML协议的基本原理，并打开一个全新的蠕虫病毒。

Hey guys! Working on a new Cake app and wondering if there is anyway for me to remove the ID-in-URL routing from Cake. Perhaps by passing the ID in POST somehow? Having the ID passed in as a URL param just seems really shoddy and unsafe. Thanks!

解决方案

"Shoddy"? It's standard practice and a perfectly fine solution to have ids in the URL. Look at the URL of your question:

http://stackoverflow.com/questions/4638262/removing-id-from-cakephp-url
                                   ^^^^^^^
                                      id

Also, there's absolutely nothing unsafe about showing an id in a URL. It's just a number that doesn't mean anything. If a user can do something "bad" only by knowing this id, your app is broken and insecure, not the id-passing mechanism.

Trying to work around this scheme means working around the fundamental principle of the HTML protocol and opens up a whole new can of worms.

这篇关于从CakePHP URL中删除ID？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！