如何保护静态HTML链接
[英]How to secure a static HTML link
问题描述
The company that I work for is wanting to provide a means of allowing our client to provide links to our site for the purposes of allowing their own clients to schedule a payment to them through us. 
我工作的公司希望提供一种方法,以允许我们的客户提供指向我们网站的链接,以允许他们自己的客户安排通过我们向他们付款。
We want the solution to be as seemless and easy to use as possible. 我们希望该解决方案尽可能简单易用。 Our clients are not likely to have the ability to do any sort of programming our scripting on their side and so we want to simply provide them with a link that they can use that will reliably identify which of our clients sent this person to our website. 我们的客户不太可能在他们身边进行任何形式的脚本编写程序,因此我们只想向他们提供一个链接,他们可以使用该链接来可靠地识别哪些客户将该人发送到了我们的网站。
My first thought was to simply use the query string to pass along their unique identifier as a parameter. 我的第一个想法是简单地使用查询字符串来传递其唯一标识符作为参数。 We would generate this link for them and even host an image for it on our own servers. 我们将为他们生成此链接,甚至在我们自己的服务器上为其托管一个映像。 We do not want their identification number to be accessible to observers, nor do we want our clients to have to make their own links. 我们既不希望观察者可以访问其标识号,也不希望我们的客户必须建立自己的链接。
The only solution that we've come up with is to simply encrypt our local identifier with a timestamp, store the creation event in our database and use this information to check against the provided encrypted value in the querystring when we get hits to our site. 我们提出的唯一解决方案是简单地使用时间戳对本地标识符进行加密,将创建事件存储在我们的数据库中,并在我们的网站被点击时使用此信息来检查查询字符串中提供的加密值。
This prevents data from leaking out (so far as we can tell) but does nothing to prevent anyone from copying the link and using it anywhere (but really, we want our clients to just be able to stick it anywhere and just work). 这可以防止数据泄漏(据我们所知),但不能阻止任何人复制链接并在任何地方使用(但实际上,我们希望我们的客户能够将其粘贴在任何地方并且可以正常工作)。
Are we making significant tradeoffs in terms of security for ease of use? 我们是否在安全性方面进行了重大折衷以简化易用性? Should we instead just setup an account to be used by anyone at that particular client of ours to at least enforce the "idea" of security (a shared login for all of their clients isn't very secure either, is it?) 相反,我们是否应该只设置一个帐户供我们特定客户使用,以至少实施安全性的“想法”(所有客户的共享登录名也不是很安全,是吗?)
Ultimately our goal is to make this a fast, transparent process. 最终,我们的目标是使其成为一个快速,透明的过程。 Do we have to sacrifice security to make it fast and transparent? 我们是否必须牺牲安全性才能使其快速透明?
1 个解决方案
解决方案1
1 2009-08-11 19:20:51
This is what I would do, 这就是我要做的
- Sign the link with a secret so no one else can make up a random link. 对链接进行秘密签名,以便其他任何人都不能构成随机链接。
- Add a parameter to identify the partner site. 添加参数以标识合作伙伴站点。
- Configured a list of allowed referer for the site. 为站点配置了允许的引荐来源清单。
- Upon receiving the request, check the signature and enforce the referer. 收到请求后,请检查签名并强制引用。
This is not super secure but meet most of your requirement. 这不是超级安全,但可以满足您的大多数要求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.