I have a site where some processing is done on the client side in javascript. It works well, but it occurred to me the same thing should not be done over and over again even if it only affects the client, so the processed data could be sent back to the server by a client and later other clients could get that cached data, so they don't have to do the processing themselves.
The problem is there isn't any kind of authentication on the site, it's freely accessible, so a rogue client could send back malicious cached data to the server.
Is there some clever way to make sure the server stores cached data only from my clients? The only thing I could think of is comparing the datas received from the clients and marking a piece of cached data valid only if, say, 10 clients send back the same value. Of course, it's not a perfect solution, but it may protect most attackers.
Is there a better way than this?
Aucun commentaire:
Enregistrer un commentaire