Re: Secret URLs

just use UUIDs
that "feature" comes with it automatically

On 3 Jan., 08:41, Walther <waltherl...@gmail.com> wrote:
> Not really possible afaik.
>
> But, security through obscurity is not the solution. You should rather
> spend the time writing code that will make sure that the user/referer
> has permissions to perform that action.
>
> On Jan 1, 9:54 pm, anka <andreas.katz...@gmail.com> wrote:
>
> > Hi @all,
>
> > I have a (almost) simple question! Is it possible to make all cake php
> > REST URLs unreadable? What I mean is, that a given REST URL like ".../
> > user/delete/10" is very simple to read for a human and it is very
> > simple to guess that I can call this URL with any ID i want. So it
> > would be very helpful, to generate URLs like ".../
> > aasdf080234ljasdflk234" or something like that so no human can modify
> > the URL within the browser and to avoid anoying side effects within
> > the system.
>
> > Thanks and best regards,
> > Andreas

Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.

You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en