UUID“URL 安全"吗? [英] Is a UUID "URL safe"?

问题描述

UUID URL 安全吗?我想将它用作备用 ID，但可能允许访问记录作为 URL 中的 ID.虽然我可以使用 Ruby 的 SecureRandom.urlsafe_base64(27) 获取相同长度的随机 base64 编码字符串，但 UUID 看起来更简洁.

Is a UUID URL safe? I want to use it as an alternate ID yet perhaps allowing access to the record as the ID in the URL. While I can use Ruby’s SecureRandom.urlsafe_base64(27) to obtain a random base64-encoded string of the same length, a UUID looks cleaner.

推荐答案

是.

• UUID 仅包含十六进制字符 (a–f, 0–9) 加上一个连字符 (-).

• A UUID consists of only hexadecimal characters (a–f, 0–9) plus a hyphen (-).

根据 RFC 3986(URI 语法)§2.3，连字符和十六进制字符包含在那些明确未保留的字符中:

As per RFC 3986 (URI Syntax) §2.3, hyphen and hexadecimal characters are included in those explicitly unreserved:

URI 中允许但没有保留用途的字符称为未保留的.其中包括大写和小写字母、十进制数字、连字符、句点、下划线和波浪号.

Characters that are allowed in a URI but do not have a reserved purpose are called unreserved. These include uppercase and lowercase letters, decimal digits, hyphen, period, underscore, and tilde.

这篇关于UUID“URL 安全"吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！