https带有令牌参数的URL：它有多安全？ [英] https URL with token parameter : how secure is it?

问题描述

在我们的网站上，我们根据用户的私人信息（通过表单提供）向用户提供模拟。我们希望以后允许他们重新使用他们的模拟结果，但不要强迫他们创建登录/密码帐户。

On our site, we provide to users a simulation based on their private information (given through a form). We would like to allow them to get back on their simulation results later, but without forcing them to create a login/password account.

我们曾想过向他们发送一封带有链接的电子邮件，他们可以从中获取结果。但是，当然，我们必须保护这个URL，因为私有数据受到威胁。

We have thought of sending them an email with a link, from which they could get back their results. But, naturally, we have to secure this URL, because private data is at stake.

所以我们打算传递一个令牌（比如一个40个字符的字母组合） URL中的数字或数字，或MD5哈希）并使用SSL。

So we're intending to pass a token (like a 40 characters combination of letters and digit, or a MD5 Hash) in the URL and to use SSL.

最后，他们会收到一封类似的电子邮件：

Finally, they would receive an email like that:

您好，

在
上取回您的结果 https://www.example.com/load_simulation?token=uZVTLBCWcw33RIhvnbxTKxTxM2rKJ7YJrwyUXhXn

你怎么看待这件事？它足够安全吗？你会告诉我什么代币生成？如何在https请求中传递URL参数？

What do you think about it? Is it secure enough? What would you advise me for the token generation? What about passing URL parameters in a https request?

推荐答案

SSL将保护传输中的查询参数;但是，电子邮件本身并不安全，电子邮件可能会在到达目的地之前沿任意数量的服务器反弹。

SSL will protect the query parameters in transit; however, email itself is not secure, and the email could bounce along any number of servers before getting to its destination.

此外，根据您的网络服务器，完整的网址可能会获得登录其日志文件。根据数据的敏感程度，您可能不希望IT人员访问所有令牌。

Also depending on your web server the full URL might get logged in its log files. Depending on how sensitive the data is you might not want your IT people having access to all the tokens.

此外，带有查询字符串的URL将保存在用户的历史记录中，允许同一台机器的其他用户访问该URL。

Additionally the URL with the query string would be saved in your user's history, allowing other users of the same machine to access the URL.

最后，这个非常不安全的原因是，URL在任何资源的所有请求的Referer头中发送，甚至是第三方资源。因此，如果您使用Google Analytics（分析），则会向Google发送URL令牌及其全部内容。

Finally and what makes this very insecure is, the URL is sent in the Referer header of all requests for any resource, even third party resources. So if your using Google Analytics for example, you will send Google the URL token in and all to them.

在我看来，这是一个坏主意。

In my opinion this is a bad idea.

这篇关于https带有令牌参数的URL：它有多安全？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！