开发者

Forced browsing

I am having an security issue, the user can forced browsing technique to traverse to the page which is not accessible to them. is the开发者_JAVA技巧re anyway that i can stop it. Visual Basic, .net 3.5


Pardon if I do not understand you clearly, but in asp.net enviornment you can use web authorization and authentication mechanisms to prevent user from seeing specified locations. To learn more about how to use it read this article, this article and see this tutorial


Secure the resources that should not be accessible. Forced browsing doesn't break through any measure of security, it just guesses what content is on the server and requests it. If the server is happily serving that content, then it's not secured and the user is technically permitted to see it.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜