Unauthorized operations in Web security: horizontal and vertical privilege escalation

Source: Internet
Author: User

Reference: http://blog.csdn.net/github_39104978/article/details/78265433

After reading the article above, the concept of an unauthorized operation (privilege escalation) was still vague to me and the actual scenario unclear, so here is a concrete one. Vertical privilege escalation is an ordinary user reaching functions reserved for a higher role such as an administrator; the scenario below is the horizontal case, where one ordinary user acts on another ordinary user's data.

Horizontal privilege escalation scenario:

In the user login module, suppose a user who has forgotten their password wants to reset it (while not logged in). Suppose the interface is designed to take only the user name and the new password:

localhost:8080/user/forget_reset_password.do?username=aaa&passwordnew=xxx

The user is shown their password hint question and, after answering it correctly, is redirected to the reset-password page. On that page an attacker can inspect the reset request in the browser and resubmit it with any user name and new password; if the user name belongs to another account, that account's password is changed. An ordinary user's permissions being used to modify another ordinary user's data is exactly what horizontal privilege escalation means.

The usual way to prevent this is for the server, after the user answers the hint question correctly, to generate a random token, store it bound to that user name with an expiry time (30 minutes, say), and return it to the client. The reset interface then requires the front end to pass the token back; the server checks that the token is unexpired and was issued for the user name in the request, and invalidates it once used, so that the current user can only change their own password. The binding to the user name on the server side is the essential part: a token that merely proves "someone answered some question" would let an attacker obtain a token for their own account and still submit another user's name.

The reset interface becomes:

localhost:8080/user/forget_reset_password.do?username=aaa&passwordnew=xxx&forgetToken=531EF4B4-9663-4E6D-9A20-FB56367446A5
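The following is an added example, not code from the original post or from the referenced blog: a small in-memory back end for a forget_reset_password.do-style endpoint, with the vulnerable handler (trusts the username parameter alone) beside the hardened one (random token bound to the user name, 30-minute expiry, single use). The class name, the PBKDF2 parameters and the in-memory stores are assumptions made for the example; a real service would keep the token table in a shared store and use a production password hash.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 30 * 60  # the 30-minute expiry suggested in the text


def _hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2 so the store never holds plaintext; iteration count is illustrative.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class PasswordResetService:
    """Constructed toy back end for forget_reset_password.do (example only)."""

    def __init__(self, usernames, clock=time.time):
        self.clock = clock          # injectable so expiry can be tested
        self.users = {}             # username -> (salt, password hash)
        self.tokens = {}            # forgetToken -> (bound username, expiry)
        for name in usernames:
            self.set_password(name, "initial-" + name)

    def set_password(self, username, password):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, _hash_password(password, salt))

    def check_password(self, username, password):
        if username not in self.users:
            return False
        salt, stored = self.users[username]
        return hmac.compare_digest(stored, _hash_password(password, salt))

    # --- vulnerable handler: the first interface described in the text ---
    def reset_vulnerable(self, username, password_new):
        """Trusts the username parameter alone. Anyone who reached the reset
        page for their own account can rewrite any other user's password."""
        if username not in self.users:
            return False
        self.set_password(username, password_new)
        return True

    # --- hardened handler: token issued only after the hint question ---
    def issue_forget_token(self, username):
        """Called by the server only after `username` answered their hint
        question correctly; the token is stored bound to that user name."""
        token = secrets.token_urlsafe(32)
        self.tokens[token] = (username, self.clock() + TOKEN_TTL_SECONDS)
        return token

    def reset_hardened(self, username, password_new, forget_token):
        entry = self.tokens.get(forget_token)
        if entry is None:
            return False  # never issued, or already consumed
        bound_user, expires_at = entry
        if self.clock() > expires_at:
            del self.tokens[forget_token]
            return False  # expired
        if not hmac.compare_digest(bound_user.encode(), username.encode()):
            return False  # token belongs to a different account: horizontal attempt
        del self.tokens[forget_token]  # single use
        self.set_password(username, password_new)
        return True


if __name__ == "__main__":
    svc = PasswordResetService(["aaa", "bbb"])
    # user aaa answered their question; they try to reset bbb's password
    token = svc.issue_forget_token("aaa")
    print("vulnerable lets aaa reset bbb:", svc.reset_vulnerable("bbb", "pwned"))
    print("hardened lets aaa reset bbb:  ", svc.reset_hardened("bbb", "pwned", token))
    print("hardened lets aaa reset aaa:  ", svc.reset_hardened("aaa", "fresh", token))
```

Note that the server never trusts the username from the query string on its own: the token lookup yields the bound user name, and the request is refused unless the two agree. Deleting the token after one successful reset also closes the replay window that the expiry alone would leave open for up to 30 minutes.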
