敏感数据进入查询参数 GET Api
[英]Sensitive data into query param GET Api
问题描述
I have a REST GET API, like
我有一个 REST GET API,比如
http://localhost:8080/users/ {userId}/assignments/{assignmentId} http://localhost:8080/users/ {userId}/assignments/{assignmentId}
Since, this is the GET call, so 'assignmentId' will get expose into URL while calling it.因为,这是 GET 调用,所以 'assignmentId' 将在调用时暴露到 URL 中。
This is the sensitive data for me & i don't want this to be expose publicly.这对我来说是敏感数据,我不希望这被公开。
How can i overcome with this.?我该如何克服这个。?
1 个解决方案
解决方案1
0 2020-04-21 19:15:20
Here are my two cents.这是我的两分钱。 Have you considered switching the service to be a POST with a request body that contains the sensitive data?您是否考虑过将服务切换为带有包含敏感数据的请求正文的 POST? That will solve the problem around not exposing the query param.这将解决不公开查询参数的问题。 I have seen services that accept a POST which returns data, but most of them do that to support unbounded inputs (as in retrieving data of multiple IDs).我见过接受返回数据的 POST 的服务,但它们中的大多数这样做是为了支持无界输入(如检索多个 ID 的数据)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.