发表新帖
发表新帖

MongoDB: is it safe to use document's ID “in public”?

后端 未结
关注
8 2443
名媛妹妹
名媛妹妹 2020-12-13 02:01

I really like MongoDB\'s automatically generated ids. They are really useful.

However, is it save to use them publicly?

Let\'s say there is a posts collecti

8条回答
  • 天涯浪人
    天涯浪人 (楼主)
    2020-12-13 02:07

    1. If id gives link to "unlisted" content that requires only link - it's privacy issue.

    2. If id gives a link to content that is under user login - not a problem.

    No matter if it's MongoDb, SQL or any other id. Id is the key to data. If this key is only thing you need to view content that you should not - that's an issue. For such situation - generate unguessable id.

    0 讨论(0)
 看不清?
提交回复
热议问题