Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
O
O
Optimus2016-11-17 07:54:28
PHP
Optimus, 2016-11-17 07:54:28

How to ensure security when working with Ajax?

There is a switch on the page, for example this:
6606f27c9598419aa45101a65ba426ba.png
When it is changed in the database, the value should change. Total chain goes:
Page with switch -> Page handler -> DB

Question: How to prevent a direct request to the handler page by third parties?
After all, the page with the switch has access to the session, for example, and can check its existence and the user id. The session handler page does not have access. Pass CSRF tag to handler? What will he compare it to? Nothing sensible comes to mind.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
E
Evgeny Kalibrov, 2016-11-17
Pyan @marrk2

Page handler - what is it?
Your request should be sent to the server, which should have the current user in the session, and he should check the access rights.

Similar questions
V
Vanes Ri_Lax2015-10-13 08:58:02
Who worked with infogroups in hostcms? 1Reply
D
dzhuryn_volodymyr2015-10-13 11:50:38
Does modx have a processor for adding TV fields? 1Reply
A
Alex2018-02-16 17:32:18
How to form overlapping periods? 2Reply
E
eldar_web2015-10-13 15:59:49
How to replace this piece of PHP code in Ruby? 1Reply
D
Dadad2020-04-24 12:42:11
Is registration better in php or js? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question