Reputation: 10485
I am building a nodeJS based email server (homework assignment). I need to find a way to safely redirect users to their page after validating info. Right now I just respond with a URL as follows: /mail.html?user=username
This is obviously wrong - any use of GET/POST parameters is easily hacked. I think that any further request the user makes (checking inbox, sent mail for example) will have to be verified by his password again.
Am I right? Is there a common method to solve my problem?
Thanks
P.S. I can't use external nodeJS modules
Upvotes: 0
Views: 40
Reputation: 163438
You need to be verifying credentials server-side for every request.
Each request should have the username/password or some sort of session token included with it. Also beware of sending user credentials in plain-text over the wire. Use HTTPS.
Upvotes: 1