0

VS2013, MVC5

I was reading another SO post to solve a record updating problem (I did solve it thanks to the post). But in studying the many answers and comments on this post I found one that caused me pause. link.

The comment is by Serj who comments that putting a UserID as a hidden item in the Edit form is a security flaw. I understand his post and it makes sense we wouldn't want to expose anything we don't need to.

But it made me think about my particular Edit view I was working with. I am creating Role management for my MVC5 site and I'm passing my Role ID through the Edit page. Now that Id is not an integer like many tables have, but rather a long string that I assume was done for security purposes. But it's the primary key for the record and I don't see how I can avoid not passing that Id through the Edit page.

So I thought I would ask if I'm not thinking this through clearly, or it is a risk but there's nothing I can do about it?

If I should not expose that Id, how would I edit the Role table without passing the record's Id?

Community
  • 1
  • 1
Alan
  • 1,587
  • 3
  • 23
  • 43

1 Answers1

2

So I thought I would ask if I'm not thinking this through clearly, or it is a risk but there's nothing I can do about it?

Yes, it's a risk. Just because the id is hard to guess doesn't mean that you are safe. You should never expose such information without performing the necessary validation steps on the server.

If I should not expose that Id, how would I edit the Role table without passing the record's Id?

You should pass the record Id, that's for sure, otherwise you will never be able to edit anything. But on the server you should verify that the currently logged-in user has the necessary permissions to modify the roles for this particular id.

Darin Dimitrov
  • 1,023,142
  • 271
  • 3,287
  • 2,928