I agree with benjam that URL obscurity is not a good way to protect content that could otherwise be protected through something like an ACL.
The reason why the Flickr example is interesting is because they are actually using URL obscurity to protect images, which, like any binary downloadable file, are much harder to protect via server-side scripting. All Flickr's images -- even ones labelled private -- can be viewed if you know the direct URL. They are actually relying solely on a complex URL to protect their images. So checking out their system might provide some direction on what it takes to achieve this level of security -- as imperfect as it ultimately is.

-Aran

On Aug 26, 7:08 am, benjam <[EMAIL PROTECTED]> wrote:
> You should probably take a look at why you want to keep people from
> viewing certain URLs.
>
> If it's from a security standpoint, you should probably have some
> server-side scripting that blocks the URL, not just a "If there's no
> link, then I hope they can't guess my URL" security system.
>
> And if you are trying to block content, this falls under a similar
> idea. Give users levels (or some other flag that shows they are
> allowed to access that particular data, or image, or whatnot), and if
> they don't have the right level, block the content server-side.
>
> You should never trust a fancy URL to block content from users.
>
> And then you can use the solutions given by others to further increase
> your security.
>
> On Aug 25, 9:24 pm, Jerry <[EMAIL PROTECTED]> wrote:
> >
> > Hi:
> >
> > Is there any way to make application URLs difficult to guess?
> > Since Cake reads records by id, it also provides a way for a user to
> > guess the record to retrieve.
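The pattern benjam describes -- blocking the content server-side rather than hoping the URL is not guessed -- applied to the image case Aran raises. This is an added example, not code from the thread or from CakePHP, and it is written as plain PHP to avoid depending on any particular Cake version. It assumes (none of this is on the page) that image files are stored outside the web root in `/var/app/private_images/`, that an `images` table with columns `id, owner_id, filename, is_public` exists in a PDO-accessible database, and that the application's login code stores the current user's id in `$_SESSION['user_id']`. The script is meant to sit behind a route such as `/image.php?id=123`; a guessed id then yields nothing unless the viewer is authorized.

```php
<?php
// Added example (not from the thread): serve private images through a
// server-side ownership check instead of relying on an unguessable URL.
// Assumed layout (not on the page): files live outside the document root
// in IMAGE_DIR, metadata is in table images(id, owner_id, filename,
// is_public), and the login code keeps the viewer id in $_SESSION['user_id'].

const IMAGE_DIR = '/var/app/private_images';

// The access decision, isolated so it can be unit-tested: public images
// are visible to anyone; private ones only to their owner.
function canViewImage(array $image, ?int $viewerId): bool
{
    if ((bool) $image['is_public']) {
        return true;
    }
    return $viewerId !== null && (int) $image['owner_id'] === $viewerId;
}

// Prepared statement: the id is bound, never interpolated into the SQL.
function loadImage(PDO $db, int $id): ?array
{
    $stmt = $db->prepare(
        'SELECT id, owner_id, filename, is_public FROM images WHERE id = ?'
    );
    $stmt->execute([$id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

function serveImage(PDO $db, int $id, ?int $viewerId): void
{
    $image = loadImage($db, $id);
    // Answer 404 for both "missing" and "forbidden", so the response does
    // not confirm to a guesser that a particular id exists.
    if ($image === null || !canViewImage($image, $viewerId)) {
        http_response_code(404);
        exit;
    }

    // basename() plus a realpath() containment check keeps a bad filename
    // in the database from reaching anything outside IMAGE_DIR.
    $path = realpath(IMAGE_DIR . '/' . basename($image['filename']));
    if ($path === false || strpos($path, IMAGE_DIR . '/') !== 0) {
        http_response_code(404);
        exit;
    }

    $mime = mime_content_type($path);
    header('Content-Type: ' . ($mime !== false ? $mime : 'application/octet-stream'));
    header('Content-Length: ' . filesize($path));
    header('X-Content-Type-Options: nosniff');
    readfile($path);
    exit;
}

// Entry point: identity comes from the session, the id from the query string.
session_start();
$db = new PDO('sqlite:/var/app/app.sqlite');  // assumed DSN
$viewerId = isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : null;
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
if ($id === false || $id === null) {
    http_response_code(404);
    exit;
}
serveImage($db, $id, $viewerId);
```

The important property is that the file path never appears in the URL and the directory is not served by the web server at all, so the only way to the bytes is through the check in `canViewImage()`. The same structure works inside a CakePHP controller action with the framework's own session and model calls substituted for `$_SESSION` and PDO.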
