Aktualno艣ci - Mieszkaniec
Nag艂y atak kaszlu u 艣winek morskich
Redakcja: Administrator
Dodany: 20.01.2010, wy艣wietle艅: 1911
CZYTAJ
POPRZEDNI膭
POPRZEDNI膭
PDF
DRUKUJ
POWR脫T
This URL conveys information about the application's architecture and database. Developers usually hide the application's infrastructure in the interface (for instance, they choose page titles like "Personal profile page" rather than "QZ7.65"). Revealing vital clues to the internals of the application in the URL contradicts this effort and has serious drawbacks:
- The technical data appearing in the URL creates potential security breaches. In the preceding example, what happens if an ill-disposed user changes the value of the
id
parameter? Does this mean the application offers a direct interface to the database? Or what if the user tries other script names, likeadmin.php
, just for fun? All in all, raw URLs offer an easy way to hack an application, and managing security is almost impossible with them. - The unintelligibility of URLs makes them disturbing wherever they appear, and they dilute the impact of the surrounding content. And nowadays, URLs don't appear only in the address bar. They appear when a user hovers the mouse over a link, as well as in search results. When users look for information, you want to give them easily understandable clues regarding what they found, rather than a confusing URL such as the one shown in Figure 9-1.
CZYTAJ
POPRZEDNI膭
POPRZEDNI膭
PDF
DRUKUJ
POWR脫T
ZG艁O艢
NIE艢CIS艁O艢膯
NIE艢CIS艁O艢膯