0

I'm interested to find out the options and best practices for allowing the client-side to identify an object in the server-side database, without the client being aware of the true primary key of that object.

For example, a form that updates the person #3 record:

<form method="POST" action="/people/3/update">
    <input type="text" name="first_name"/>
    <input type="text" name="last_name"/>
    <input type="submit"/>
</form>

What I'd like to avoid is the client side becoming aware of the number 3 specifically, as it points directly to a database record for this user, and I figure it's better if there is not glimpse of server-side data on the client-side.

I'm already aware of a few options:

1) Encrypt all primary keys before they are sent to the client, decrypt them when they come back. I'd imagine this has non-negligible overhead. 2) Perform some sort of non-cryptographic modification of every key before sending it to the client, and perform the reverse on the server-side (like adding 11 and then later subtracting 11 again). While this doesn't truly hide values, it barely has any overhead.

Da Questions

1) Should I worry about this in the first place?

2) What are considered to be effective ways of doing this?

3) Are there any good sources I can consult for further reading?

Thanks in advance for any help!

Gershom Maes
  • 7,358
  • 2
  • 35
  • 55
  • The client needs to see *some* id to talk to your server about it. It does not matter what that id is, the id as such is meaningless. That the id happens to be the primary id used in the database is just as good as any alternative. – deceze Jun 25 '15 at 15:35
  • Of course they need to be able to reference models - I'm talking about the format of that reference (should it be the plain pk, or a pk that has been modulated in some way so as to make it unpredictable?) Anyways, thanks for the flag and the link to the other question - it's very much what I was looking for :) – Gershom Maes Jun 25 '15 at 16:01

0 Answers0