Reputation: 823
I'm writing a small app that gets information from the server, allows the user to manipulate it, then saves it back to the server. When getting the information from the server, the server also gives a password. When the information gets sent back to the server, the server looks for the password, as a safety precaution.
My question is, what is a safe way to pass the password after the form submits? I considered hidden fields, but that would make it possible to find the password.
Any ideas?
Upvotes: 0
Views: 104
Reputation: 831
You can store it in the session, in a specific field defined for the password, and destroy it after it has been used.
This is much better usage.
Upvotes: 2
Reputation: 583
You could give the password to JavaScript/jQuery and then intercept the normal form submit, append the password to the POST data, and then resubmit the form, but that may be a bit overkill...
As long as the password isn't being used for anything else (as in it's randomly generated) and it's single use, putting it in a hidden field shouldn't be much of an issue. Average users don't know how to view hidden fields. However, if you are connecting over HTTP and not HTTPS, your average hacker would be able to view the password coming over the unencrypted network and potentially use it before your user can.
Upvotes: 0
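The session approach from the first answer, combined with the random, single-use property from the second, as an added example that is not code from the thread. The `session` dict stands in for a framework's server-side session, and the function names, key names and the 15-minute lifetime are assumptions.

```python
import hmac
import secrets
import time
from typing import Optional

TOKEN_TTL_SECONDS = 900  # assumed lifetime; the thread does not specify one


def issue_token(session: dict, now: Optional[float] = None) -> str:
    """Create a random token and keep the reference copy server-side.

    The returned value is what goes out with the data (for example in a
    hidden field); the session copy never leaves the server.
    """
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    session["form_token"] = token
    session["form_token_issued"] = time.time() if now is None else now
    return token


def consume_token(session: dict, submitted: Optional[str],
                  now: Optional[float] = None) -> bool:
    """Validate a submitted token and destroy the session copy.

    The token is removed before any comparison, so it is single use
    whether the check passes or fails (a design choice made here).
    """
    expected = session.pop("form_token", None)
    issued = session.pop("form_token_issued", 0.0)
    if expected is None or not submitted:
        return False
    current = time.time() if now is None else now
    if current - issued > TOKEN_TTL_SECONDS:
        return False
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode(), submitted.encode())
```

Because the token is popped on every attempt, a replayed or sniffed value is rejected once the legitimate submit has gone through; it does not protect a token captured in transit over plain HTTP before first use.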