I'm working on a project which generates audio from text(TTS) and provides player with speed/pitch control to users.
My question is related to request security.
The user got widget_id during registration on my site, he put some js
in his site, and api works on his site. When the user click on send button, the api.js file sends ajax
POST
request to my site with widget_id
data as well. Then on my side I got the widget_id
and the referer:
$referer = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : '';
I'm getting the site value related to the widget_id
from my database, and comparing it with $referer
.
...
if($website_url == $referer) {
$website_checked = true;
}
...
So my question is: can the attacker using some lib(maybe Curl) change the $_SERVER["HTTP_REFERER"]
value, and broke my security?
for example if he use curl and the code:
curl_setopt($ch, CURLOPT_REFERER, 'https://anysite.io/');
Thanks.
So I've updated the question cause as I was thinking that can not be trusted. So please the basic steps of Private authentication algorithm...
Update3: So I started a bounty cause I need to understand the algorithm of Private Authentication in my scenario.
Securing Js
Validating POST request
No, it is not reliable. Users can (and do) forge them, for example, with Referer Control or RefControl - though, such things are done by the user modifying their own browser.
Most referers are correct (simply because the number of people who'd go to the effort of forging them is small), but if security is an issue, you shouldn't depend on them. For this to be secure, those making requests should include private authentication, to that they can prove they're who they say they are.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With