Re: Securing AJAX requests with PHP?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jay Moore schreef:
> I realize this isn't really about PHP, but I was hoping maybe someone
> had a way to make AJAX a little bit more secure using PHP.
> 
> I was thinking of making my AJAX calls also pass the current session id,

the browser should still send the session cookie for async requests. so
you get this info for free.

using one-time tokens isn't going to hurt at all (well a few extra CPU cycles,
but whose counting :-))

> and have my PHP script check to make sure it's a valid id, but I'm open
> to other ideas.
> 
> Do you guys use PHP to make AJAX calls a little bit more secure?  What
> /do/ you use?
> 
> I hope this isn't too off-topic.
> 
> Thanks,
> Jay
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux