I use link to share data with user, but this is not secure against link handling
I share this type of link "/mission/123456/team", where '123456' is an id in my database. But if someone handle the link in /mission/1234567/team, he has access to datas that I don't want to share. At opening of this url, my service do a getById function and use the id of the url for the GET request
Can you explain me the different kinds of mechanism that I can use to counter this please ? I don't want to use authentication for theses users.
Thank you :)
Aucun commentaire:
Enregistrer un commentaire