Wednesday, April 29, 2009

Security Risk: No Cookies in FileReference.upload();

// SECURITY PROBLEMS, we need cookies in FileReference.upload();

cookies work fine when using URLRequest but not when using upload() ??!! In the mean time, I thought of something... Not perfect but at least stops the casual hacker (as is currently the vulnerability)

When we start the upload, we do two things. First, make a URLRequest to a php page that cross checks the session data, if it checks out, store their IP address in a database table

In the actual upload.php file, simply open the database, compare the IP address inbound to the one validated by the cookies. If these match, we have a pretty strong case for letting them write to the server. You could take it a little further and add store a timestamp or epoch, then compare that to an acceptable time window to complete an upload, but you might cut of some 56k modems...

No comments: