weixin_33719619 2010-06-22 16:40 采纳率: 0%
浏览 69

AJAX请求的安全性

Just now i'm writing a project, and i desided to write it with jquery and ajax requests.

only thing, i don't know, is it secure enough?

for example, when i verify the username, when registering new user, i use jquery ajax request,

i get the array of existing usernames from db(with json), and then verify, if new_username not inArray() of existing usernames, i make another request, and register the user.

but what about security? meybe hacker can find the way to change some of my if-else statements, and whole my securite will brake.

maybe you'll help me to understand this situation?

Thanks

  • 写回答

4条回答 默认 最新

  • weixin_33725126 2010-06-22 16:43
    关注

    Why are you implementing any of that client-side?

    You should send the username/password over HTTPS in an AJAX query and have the server respond with only the data required for the user to move on, not the whole username list.

    Even putting security aside, what if you have millions of users? You're going to send that list to all clients for them to log in?

    评论

报告相同问题?

悬赏问题

  • ¥15 【提问】基于Invest的水源涵养
  • ¥20 微信网友居然可以通过vx号找到我绑的手机号
  • ¥15 spring后端vue前端
  • ¥15 寻一个支付宝扫码远程授权登录的软件助手app
  • ¥15 解riccati方程组
  • ¥15 display:none;样式在嵌套结构中的已设置了display样式的元素上不起作用?
  • ¥15 使用rabbitMQ 消息队列作为url源进行多线程爬取时,总有几个url没有处理的问题。
  • ¥15 Ubuntu在安装序列比对软件STAR时出现报错如何解决
  • ¥50 树莓派安卓APK系统签名
  • ¥65 汇编语言除法溢出问题