I think in most cases it's okay. For instance, if you have a blog and
someone figures out that the IDs of your posts are sequential, they can
potentially ... view an older or newer post. Generally speaking, as long as
URLs are not your only mechanism for enforcing an ACL, you should be okay.

The reason you might want a non-sequential ID is to make it more difficult
to do automated content scraping.

--
Ikai Lan
Developer Programs Engineer, Google App Engine
Blogger: http://googleappengine.blogspot.com
Reddit: http://www.reddit.com/r/appengine
Twitter: http://twitter.com/app_engine



On Thu, Jan 27, 2011 at 1:50 PM, tobik <[email protected]> wrote:

> That's funny because passing clear ids in url is quite common in
> classic webs written in PHP. Practically all PHP frameworks/CMS
> (including the big ones like Joomla or MODx) do that so I never
> thought of it as a possible vulnerability. Or is there something more
> I should worry about in this particular situation (Python,
> AppEngine...)?
>
> On Jan 27, 19:34, Jeff Schwartz <[email protected]> wrote:
> > IMHO passing clear ids as text in urls is not a good idea because anything a
> > hacker can glean about data is opening up a can of worms that they could use
> > to try to exploit your site and even corrupt your data. I'd look to encrypt
> > the id or at least apply a hash such as base64 at a minimum to obfuscate
> > the actual id. While base64 won't deter a committed hacker it will deter many
> > malcontents who will move on to easier pickings. Best if you can, generate
> > an encrypted id on the server and pass that back via the url from the
> > client.
> >
> >
> >
> > On Thu, Jan 27, 2011 at 1:06 PM, tobik <[email protected]> wrote:
> > > Great, thanks.
> >
> > > On Jan 27, 16:06, Geoffrey Spear <[email protected]> wrote:
> > > > On Thursday, January 27, 2011 2:52:48 AM UTC-5, tobik wrote:
> >
> > > > > Thank you! That's what I wanted to know.
> >
> > > > > So basically passing Keys in urls is not a good idea, but using pure
> > > > > IDs and Model.get_by_id() should be secure enough. Or am I wrong? I
> > > > > tried to get access to data across namespaces but it ended up with
> > > > > request error. So it worked as expected.
> >
> > > > Yes; IDs are only unique within a namespace, entity group, and kind, so
> > > > passing an ID from one namespace to an instance using a different namespace
> > > > will either get you a different entity from the calling instance's namespace
> > > > or nothing, never the entity in the original namespace.
> >
> > > --
> > > You received this message because you are subscribed to the Google Groups
> > > "Google App Engine" group.
> > > To post to this group, send email to [email protected].
> > > To unsubscribe from this group, send email to
> > > [email protected].
> > > For more options, visit this group at
> > > http://groups.google.com/group/google-appengine?hl=en.
> >
> > --
> > *Jeff Schwartz*
>

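
Added example, not part of the thread: a Python sketch of the point above that the URL should not be the only mechanism enforcing an ACL, comparing a base64-obfuscated ID with a server-side ownership check. A plain dict stands in for the datastore, and every function name and sample post here is constructed for illustration.

```python
import base64

# Constructed sample data standing in for datastore entities keyed by
# sequential integer ID (hypothetical; these are not App Engine API calls).
POSTS = {
    1: {"owner": "alice", "public": True,  "body": "hello world"},
    2: {"owner": "alice", "public": False, "body": "alice draft"},
    3: {"owner": "bob",   "public": False, "body": "bob draft"},
}

def encode_id(post_id):
    """Base64 'obfuscation' of an ID, as suggested in the thread."""
    return base64.urlsafe_b64encode(str(post_id).encode()).decode()

def decode_id(token):
    """Anyone holding a token can reverse it; no key is involved."""
    return int(base64.urlsafe_b64decode(token.encode()).decode())

def fetch_obfuscated_only(token):
    """Relies on the URL token alone: no per-request ACL check."""
    return POSTS.get(decode_id(token))

def fetch_with_acl(post_id, user):
    """Looks up by plain ID, then enforces access on the server."""
    post = POSTS.get(post_id)
    if post is None:
        return None
    if post["public"] or post["owner"] == user:
        return post
    return None  # same answer as "not found", so IDs are not confirmed

def readable_ids(user, fetch, ids=range(1, 5)):
    """IDs that a client walking the sequence 1..4 can actually read."""
    return [i for i in ids if fetch(i, user) is not None]

if __name__ == "__main__":
    print("token for id 2:", encode_id(2))
    print("bob, ACL check:", readable_ids("bob", fetch_with_acl))
    print("bob, token only:",
          readable_ids("bob", lambda i, u: fetch_obfuscated_only(encode_id(i))))
```

With the ACL check, sequential IDs expose only what the caller is allowed to see; with the token alone, every existing post is readable by anyone who can produce the encoding.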
