| |

VerySource

 Forgot password?
 Register
Search
View: 1169|Reply: 8

How to make url parameter values ​​change randomly

[Copy link]

1

Threads

1

Posts

2.00

Credits

Newbie

Rank: 1

Credits
2.00

 China

Post time: 2020-3-9 08:00:01
| Show all posts |Read mode
Hello everyone, I have another question about url.
For example, the url I requested is http://127.0.0.1:7777/app/test.jsp?sid=aed0000dfsdf
I want to find a way to process the sid in this url, so that it will be displayed differently in the IE address bar every time I request, that is, find an algorithm to make it always change randomly.
My most important purpose is that when someone pastes the obtained address directly in the url address bar, it cannot enter the system.
See if everyone has any good methods and suggestions, thank you
Reply

Use magic Report

1

Threads

6

Posts

4.00

Credits

Newbie

Rank: 1

Credits
4.00

 China

Post time: 2020-5-31 10:00:01
| Show all posts
Math.Randowm ();
Import MATH class
Take a look at the API
Reply

Use magic Report

1

Threads

6

Posts

4.00

Credits

Newbie

Rank: 1

Credits
4.00

 China

Post time: 2020-5-31 10:30:01
| Show all posts
If it is impossible to enter the system,
I have to judge the session, it seems like this
Reply

Use magic Report

0

Threads

21

Posts

19.00

Credits

Newbie

Rank: 1

Credits
19.00

 China

Post time: 2020-6-2 13:15:01
| Show all posts
Putting a mark in the session is the positive solution
Reply

Use magic Report

0

Threads

1

Posts

2.00

Credits

Newbie

Rank: 1

Credits
2.00

 China

Post time: 2020-6-2 17:30:01
| Show all posts
Achieve your purpose and add a judgment to prevent external theft chain will not be over.
Reply

Use magic Report

0

Threads

1

Posts

2.00

Credits

Newbie

Rank: 1

Credits
2.00

 China

Post time: 2020-6-2 19:00:01
| Show all posts
It doesn't need to deal with sid, just add login verification in your program.
Direct access to http://127.0.0.1:7777/app/test.jsp address is not verified whether you have logged in, if you do not log in, you can not directly enter the system.
Reply

Use magic Report

0

Threads

8

Posts

7.00

Credits

Newbie

Rank: 1

Credits
7.00

 China

Post time: 2020-6-3 12:15:02
| Show all posts
1. Determine the login session.
2. The server time passed when logging in. Then add a custom or random encoding of the time when returning the url parameter, and then check it on the server side, for example, to judge the time difference.
3. Simply do not use the url parameter, and use a method such as session instead.

How to achieve it depends on your specific needs
Reply

Use magic Report

0

Threads

3

Posts

3.00

Credits

Newbie

Rank: 1

Credits
3.00

 China

Post time: 2020-6-27 20:00:02
| Show all posts
Judging that your session can not be reached
Reply

Use magic Report

2

Threads

5

Posts

6.00

Credits

Newbie

Rank: 1

Credits
6.00

 China

Post time: 2020-6-27 23:00:01
| Show all posts
Makes sense...haha
Reply

Use magic Report

You have to log in before you can reply Login | Register

Points Rules

Contact us|Archive|Mobile|CopyRight © 2008-2023|verysource.com ( 京ICP备17048824号-1 )

Quick Reply To Top Return to the list