Should I use GET or POST when requesting sensitive data?


Question

Should I use GET or POST for retrieving sensitive data, given that:


  • The response will contain sensitive data.

  • The request has side effects (e.g. explicit accountability logging).

The RFC 2616, to me, doesn't clarify this for me:


9.1.1 Safe Methods

Naturally, it is not possible to ensure that the server does not generate side-effects as a result of performing a GET request; in fact, some dynamic resources consider that a feature. The important distinction here is that the user did not request the side-effects, so therefore cannot be held accountable for them. [...]


Answer

A step back

First of all, the RFC 2616 is obsolete. Hence, it shouldn't be used as a reference anymore.

Below you'll find the current references for the HTTP/1.1 protocol:

  • RFC 7230: Message Syntax and Routing
  • RFC 7231: Semantics and Content
  • RFC 7232: Conditional Requests
  • RFC 7233: Range Requests
  • RFC 7234: Caching
  • RFC 7235: Authentication

Have a look at RFC 7231 on safe methods:

4.2.1. Safe Methods (https://tools.ietf.org/html/rfc7231#section-4.2.1)

Request methods are considered "safe" if their defined semantics are essentially read-only; i.e., the client does not request, and does not expect, any state change on the origin server as a result of applying a safe method to a target resource. [...]

This definition of safe methods does not prevent an implementation from including behavior that is potentially harmful, that is not entirely read-only, or that causes side effects while invoking a safe method. What is important, however, is that the client did not request that additional behavior and cannot be held accountable for it. For example, most servers append request information to access log files at the completion of every response, regardless of the method, and that is considered safe even though the log storage might become full and crash the server. [...]

Of the request methods defined by this specification, the GET, HEAD, OPTIONS, and TRACE methods are defined to be safe. [...]

In the context of HTTP methods, "safe" is not related to security and, in a similar way, "safe" is not about how you deal with sensitive data. Safe means read-only.

As stated above, the use of safe methods does not prevent you from performing operations that are not read-only, such as logging the request to a file. However, these operations should be transparent to the client.

It depends on the operation you are performing. In REST APIs, the POST method is frequently used to create resources while the GET method is frequently used to request a representation of a resource.

If you want to ensure security when sending sensitive data over the wire, use HTTPS and don't expose sensitive data (such as passwords) in the URL.
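The answer's last point, that sensitive values must not go in the URL, is easiest to see from what an access log records. The script below is an added example, not part of the original question or answer: it builds the same credential-bearing request as GET and as POST, renders the line a server or proxy would write in Common Log Format (which records the request target but never the body), and runs a small audit that flags sensitive parameter names found in a logged target. The URL, parameter names, client address and log values are all constructed for the example; the list of "sensitive" names is an assumption you would tailor to your own application.

```python
# Added example (not from the original Q&A): why sensitive data in a GET query
# string leaks into places a POST body does not reach (access logs, browser
# history, Referer headers). All URLs, names and log values are constructed.
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumed set of parameter names that should never appear in a request target.
SENSITIVE_PARAM_NAMES = {"password", "passwd", "pwd", "token", "secret", "api_key", "ssn"}


def build_request(method: str, base_url: str, params: dict) -> dict:
    """Describe an HTTP request as {method, target, body}.

    GET puts the parameters in the request target (path + query string);
    POST carries them in the body and leaves the target clean.
    """
    path = urlsplit(base_url).path
    encoded = urlencode(params)
    if method.upper() == "GET":
        return {"method": "GET", "target": f"{path}?{encoded}", "body": ""}
    return {"method": "POST", "target": path, "body": encoded}


def access_log_line(req: dict, status: int = 200, size: int = 512) -> str:
    """Render the request as a Common Log Format line.

    CLF records the request line (method, target, version) but not the body,
    which is exactly why a secret in the query string ends up on disk.
    """
    return (
        '203.0.113.7 - - [10/Oct/2000:13:55:36 -0700] '
        f'"{req["method"]} {req["target"]} HTTP/1.1" {status} {size}'
    )


def sensitive_params_in_target(target: str) -> list[str]:
    """Return the sensitive parameter names present in a target's query string."""
    query = urlsplit(target).query
    names = parse_qs(query, keep_blank_values=True)
    return sorted(n for n in names if n.lower() in SENSITIVE_PARAM_NAMES)


def audit_log_line(line: str) -> list[str]:
    """Pull the request target out of a CLF line and report leaked parameters."""
    # The request line is the first double-quoted field: "METHOD TARGET VERSION".
    request_line = line.split('"')[1]
    _method, target, _version = request_line.split(" ", 2)
    return sensitive_params_in_target(target)


if __name__ == "__main__":
    creds = {"user": "alice", "password": "hunter2"}  # constructed sample input
    for method in ("GET", "POST"):
        req = build_request(method, "https://example.com/account/login", creds)
        line = access_log_line(req)
        print(line)
        print("  leaked parameters:", audit_log_line(line) or "none")
```

Running it prints the GET log line with `password=hunter2` in the target and the audit flags `password`, while the POST line shows only `/account/login` and the audit finds nothing. The body still needs HTTPS to be protected on the wire; moving a value from the query string to the body only keeps it out of the places that record request targets.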
