. NET add timestamp to prevent replay attacks,. net add timestamp Replay
If the client sends a request to the server interface and the request information is encrypted, the request packet is intercepted by a third party. Although the third party cannot decrypt and obtain the data, however, you can use this request packet to perform repeated request operations. If the server does not defend against replay attacks, the pressure on the parameter server increases and data disorder occurs. This problem can be solved by adding a timestamp.
Private readonly string TimeStamp = ConfigurationManager. appSettings ["TimeStamp"]; // configure the TimeStamp [HttpPost] public ActionResult TestApi () {string RequestTime = Request ["rtime"]; // request time after RSA signature try {// request time after RSA decryption plus the timestamp time DateTime Requestdt = DateTime. parse (RSACryptoProvider. decrypt (RequestTime, RSA_Keys.Private )). addMinutes (int. parse (TimeStamp); DateTime Newdt = DateTime. now; // current time when the server receives the request // if request validity period <the current time when the server accepts the request, that is, the request expires if (Requestdt <Newdt) {return Json (new {success = false, message = "this request has expired"});} else {// perform other operations} catch (Exception ex) {return Json (new {success = false, message = "Request Parameter not required "});}}
The above is all the content of this article. I hope it will be helpful for your learning and support for helping customers.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
