i am working on web security, suppose my request data is following , i encrypt id send in query string , but request data shown have some more keys (pulled from drop down) like sitekey and customer key, my question is, do we need to encrypt the drop downs keys as well or just to add some validation on server side . what is the best approach / practice ? .
POST URL?q=%3FDK8wvbvghTwq5hf2jRPryg%253d%253d HTTP/1.1 {
"value1":"v1", "value2":"v2", "sitekey" : "123", "customerkey : "45"
}
Aucun commentaire:
Enregistrer un commentaire