ajax security?
When I look back at code I wrote earlier, I found something terribly bad. Whenever I wanted to delete a record in the database, I did it like this:
$.post("deleteAction.do", {recordId: 10});
I cannot prevent a malicious user from visiting my database operation URL directly:
deleteAction.do?recordId=10
What's the solution for this kind of problem?
It really depends on your data and the checks you do on the server side. For example, if you check whether the user is allowed to perform the delete action on that record, it isn't such a big problem. If you don't, it means the user can delete the data of other users too. My suggestion would be:
- Add extra checks on the server side to prevent users from deleting other data than their own.
- Instead of using integers you can also use something like GUIDs, or another identifier that is hard to alter (read: unpredictable). This prevents "smartheads" from trying to break down your application.
It doesn't matter if you involve Ajax or not. If a URI does something sensitive on the server or exposes sensitive data, then you need to protect it. Usually with some form of authentication + authorisation. A cookie based technique is normal for this. The specifics of implementing it depend on the design of your backend system.
As an aside, you shouldn't allow GET requests for non-safe actions. Since your request is a POST, but you use a GET example of the problem, this suggests you just need to add an "Is this a POST request?" check to the server-side script. Note that this won't be enough protection in itself; a malicious user can make arbitrary POST requests almost as easily as arbitrary GET requests. (Which brings us back to authentication/authorisation.)
Your server-side code should check the currently logged-in user and make sure they have permission to delete stuff. That'll prevent malicious action by strangers, but will require adding some authorization/permission stuff to your web app.
The only way to prevent this is to use authentication on your site and allow only some users to perform those operations. Any public action would be accessible by any malicious user.
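The answers above all come down to the same server-side checks: reject non-POST requests, require a logged-in user, and only delete a record the caller owns. Here is an added example of such a handler (not code from the question or any of the answers); the in-memory `db`, the `handleDelete` function and the request shape `{ method, user, body }` are assumptions made for illustration.

```javascript
// Added example: a server-side delete handler applying the checks the
// answers describe. `db`, `handleDelete` and the request shape are assumed.

// Constructed in-memory "database": every record carries its owner.
const db = new Map([
  [10, { ownerId: "alice" }],
  [11, { ownerId: "bob" }],
]);

// req.user is whatever the session cookie resolved to (null if not logged in);
// req.body is the parsed POST body, e.g. { recordId: 10 }.
function handleDelete(req, store = db) {
  // 1. Non-safe actions must not be reachable over GET (a link or <img> tag
  //    must never be able to trigger a delete).
  if (req.method !== "POST") {
    return { status: 405, error: "method not allowed" };
  }
  // 2. Authentication: anonymous callers cannot delete anything.
  if (!req.user) {
    return { status: 401, error: "login required" };
  }
  const recordId = Number(req.body && req.body.recordId);
  if (!Number.isInteger(recordId)) {
    return { status: 400, error: "bad recordId" };
  }
  // 3. Authorisation: the record must exist AND belong to the caller.
  //    Answering 404 in both cases avoids confirming other users' ids.
  const record = store.get(recordId);
  if (!record || record.ownerId !== req.user) {
    return { status: 404, error: "not found" };
  }
  store.delete(recordId);
  return { status: 200, deleted: recordId };
}
```

The ownership test is the part the original code was missing: the client-supplied recordId is never trusted on its own, it is always paired with the identity taken from the session.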