Menu
I am developing a social network and I would like to know if in the profile page of a user I could put the user id stored in database as a parameter in the url or is it a bad idea in terms of security?
I want the url to be bookmarkable. Should I put another thing instead of the user id?
663
In terms of security there's no problem in putting the user id in a url. For example StackOverflow does it already: https://stackoverflow.com/users/3477044/aliuk
What's important is to verify that the currently authenticated user is allowed to access this url and take actions on its behalf.
161
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
