stackoom
  简体   繁体   中英

Securing user profile retrieve from Facebook login

 原文  2015-10-14 16:47:30       php/ security/ facebook-php-sdk/ social-networking/ sanitization

Question

Hi I am currently adding social login to my web app, an option to register to my app using Facebook profile.

Would it be ideal to sanitize and filter validate those information that my app will receive from Facebook call back? Or does Facebook already clean their info before sending it?

If you think I need to clean it myself, would sanitize string enough for names, updated_time (a date time Object)? How about the id? does all social network use numbers for user id?

1 answers

solution1
 0 ACCPTED  2015-10-14 17:05:26

If you're using official plugins directly from FB or any other major company, you don't need to sanitize it.

But if you're using any 3rd party plugin, use this: http://php.net/manual/en/filter.filters.sanitize.php

and choose each filter carefully to match your item.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question advice on securing user login PHP: how to retrieve profile data from Facebook How to retrieve email from facebook user profile with SDK 4.4.0 and API 2.3? facebook login integration with codeigniter not returning user profile data Can't retrieve email from facebook login Get user infos from facebook Profile URL Securing Facebook Login through Javascript and PHP SDK Facebook server login doesn't retrieve info if user refreshes page how to get profile picture from facebook login api using codeigniter Retrieve facebook user id from the username
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM