Home > Back-end >  The 2020-10-09: if I can get someone else's URL, and then to tamper with data (amount) sent to
The 2020-10-09: if I can get someone else's URL, and then to tamper with data (amount) sent to

Time:10-09

The 2020-10-09: if I can get someone else's URL, and then to tamper with data (amount) sent to the system, how to avoid the happening of this kind of thing? # # f greatly architects a daily topic

CodePudding user response:

Make an attestation

CodePudding user response:

Data signature and encryption or request

CodePudding user response:

Plus, and the key message

CodePudding user response:

RSA is the most mature and reliable method, ECC signature (including the dense) algorithm for data

CodePudding user response:

Solve thoroughly with spring security one pace reachs the designated position

CodePudding user response:

HTTP is the most easy to deal, even if HTTPS, you put the important information in the url, what expect that safe?

As the upstairs said, even if have to HTTP, also want to use the HTTPS, post it, the text data encryption to send,

CodePudding user response:

You get URL useless ah, background verify identity (token) can
If the token is stolen (that is, the authentication through), then add signature on business data

CodePudding user response:

Data signature that can be solved, most is such a platform, including POS chicken is,
It can verify the integrity of the data

Page link:https//www.codepudding.com/Backend/59410.html

Prev:About centralized LB and in-process LB difference
Next:Multithreaded primary problem.
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding