如何计划“安全” HTML表单
[英]How to plan a “secure” HTML FORM
问题描述
I use $_POST to read data sent through HTML forms to the server, narrowing down attacks exposure. 
我使用$ _POST读取通过HTML表单发送到服务器的数据,从而缩小了攻击范围。 How can I strengthen security, using some kind of tokens in the form? 如何使用表单中的某种令牌来增强安全性? The tokens could be readable however with a sniffer..... 令牌可以用嗅探器读取。
**** EDIT ***** I agree the message above is generic...I'll try to give more details! ****编辑*****我同意以上消息是通用的...我将尝试提供更多详细信息!
Ok, a PHP/Server generates emails containing some data for a sort of user-revision; 好的,PHP /服务器会生成包含一些数据的电子邮件,以供用户修改。 this is accomplished with an HTML email containing HTML forms. 这是通过包含HTML表单的HTML电子邮件完成的。 When users receive those emails, they edit data in the forms, and send it back to the server, that in turn it will store it in the database. 当用户收到这些电子邮件时,他们将编辑表单中的数据,并将其发送回服务器,服务器随后将其存储在数据库中。
While for other types of interaction users/server, login/authentication is required, in this case some particular email clients, like mobile phones, do allow reading HTML email messages and process forms, unfortunately without allowing client authentication (server side login) prior processing the form. 对于其他类型的交互用户/服务器,则需要登录/身份验证,但在这种情况下,某些特定的电子邮件客户端(例如手机)确实允许读取HTML电子邮件和处理表单,但不幸的是,不允许事先进行客户端身份验证(服务器端登录)表格。
What happens on the server side when forms are received? 收到表格后,在服务器端会发生什么? Well $_POST is used, removing potential GET weakness, however using $_POST will not prevent other kind of attacks, just because a sniffer can easily "read" data being sent. 使用$ _POST可以消除潜在的GET弱点,但是使用$ _POST不能阻止其他类型的攻击,因为嗅探器可以轻松地“读取”正在发送的数据。
Data on the server side is parsed and stripped accordingly, removing unsafe Javascript and quoted text to prevent injections and other sort of attacks. 服务器端的数据将被相应地解析和剥离,删除不安全的Javascript和带引号的文本,以防止注入和其他形式的攻击。
That's why I was looking for a sort of token/nonce technique, however I thought that tokens are sniffable within the form..... and that's where my help request starts! 这就是为什么我一直在寻找一种令牌/即时技术,但是我认为令牌在表单中是可嗅的.....那就是我的帮助请求开始的地方!
3 个解决方案
解决方案1
2 2010-08-11 18:36:27
Here are a few things you should look into. 这是您应该注意的几件事。
- SSL Certificates SSL证书
- CSRF Protection CSRF保护
解决方案2
2 已采纳 2010-08-11 18:37:14
You are probably refereing to CSRF (Cross site request forgery). 您可能是指CSRF(跨站点请求伪造)。 Chris Shiftlett wrote an article about it which explains the concept. Chris Shiftlett撰写了一篇有关它的文章 ,解释了这个概念。
解决方案3
0 2010-08-11 21:17:12
Ok, I have discovered that Wordpress offers it's own API for NONCES. 好的,我发现Wordpress提供了自己的NONCES API。 What I do now is to add an input field in the form containg the NONCE; 我现在要做的是以NONCE的形式添加一个输入字段。 when user sends form to the server, the NONCE is validate back. 当用户将表单发送到服务器时,NONCE将重新验证。
There's a little chance an attacker could gain access using NONCE contained in the form ** ONLY ** during the lap time occurring between NONCE issue/verify. 在NONCE发出/验证之间的时间间隔内,攻击者极有可能使用**仅**形式的NONCE获得访问权限。 Quite difficult though: the attacker should sniff data, grab the NONCE and use it immediately to load "something" in the database... What could it be loaded, assuming content is being stripslashed and de-javascripted? 但是,这非常困难:攻击者应该嗅探数据,获取NONCE并立即使用它来将“某物”加载到数据库中...假设内容被剥离和使用Java脚本,则该文件可以加载什么呢?
Moreover, as WP NONCES are created using constants: 此外,由于WP NONCES是使用常量创建的:
wp_create_nonce ('my-nonce');
this will require some additional tasks to use variable generated NONCES in such a way for the attacker it will be more difficult to track the pattern to generate the NONCE... 这将需要一些额外的任务来使用变量生成的NONCES,以这种方式使攻击者更加难以跟踪生成NONCE的模式...
What do you think? 你怎么看?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.