Reputation: 46317
Is it safe to use Python UUID module generated values in URL's of a webpage?
Is it safe to use Python UUID module generated values in URL's of a webpage? Wnat to use those ID's as part of URL's. Are there any non-safe characters ever generated by Python UUID that shouldn't be in URL's?
Upvotes: 5
Views: 4917
Answers (3)
Reputation: 50372
I use GUIDs mainly as primary keys and often need to pass them around as URL arguments.
The hexadecimal form, with the dashes and extra characters seem unnecessarily long to me. But I also like that strings representing hexadecimal numbers are very safe in that they do not contain characters that can cause problems with URLs.
Instead of hexadecimal, I use a url-safe base64 string. The following is some Python code that does this. It does not conform to any UUID/GUID spec though (other than having the required amount of randomness).
import base64
import uuid
# get a UUID - URL safe, Base64
def get_a_Uuid():
r_uuid = base64.urlsafe_b64encode(uuid.uuid4().bytes)
return r_uuid.replace('=', '')
This didn't work in Python3. So modified slightly to this:
r_uuid = base64.urlsafe_b64encode(uuid.uuid4().bytes).decode("utf-8")
return r_uuid.replace('=', '')
Upvotes: 1
Reputation: 137442
It is good practice to always urlencode data that will be placed into URLs. Then you need not be concerned with the specifics of UUID or if it will change in the future.
Upvotes: 10
Related Questions
- How do I properly use a UUID id as a url parameter in Django?
- Will uuid.NAMESPACE_URL generate unique deterministic UUIDs for different URLs?
- Using uuid.uuid4() as default value
- uuid as keyword argument <pk> in django urls.py
- Is it safe to use a UUID in a URL for semi-private data?
- Is a UUID "URL safe"?
- Sharing URL generation from uuid4?
- UUIDs & Search Engine Friendly URLs
- Does using uuid as part of url leaks information about the server?
- uuid in url, is it friendly to google?