J
jesusitoLinux
Hi everyone!!
Maybe this is a stupid question.
Let's suppose I have a login system for users, and that logged users can insert posts of texts using Ajax requests on the data base. A logged user can use Firebug to post a big amount of posts on the data base.
How can I prevent this? To prevent a user to use client side JavaScript to post a big amount of Ajax requests. I am using PHP as the server language.
I could use a CSFR token, but once the user has the token in the client side, she/he could use the token to perform thousands of Ajax requests.
Thank you very much!!
Continue reading...
Maybe this is a stupid question.
Let's suppose I have a login system for users, and that logged users can insert posts of texts using Ajax requests on the data base. A logged user can use Firebug to post a big amount of posts on the data base.
How can I prevent this? To prevent a user to use client side JavaScript to post a big amount of Ajax requests. I am using PHP as the server language.
I could use a CSFR token, but once the user has the token in the client side, she/he could use the token to perform thousands of Ajax requests.
Thank you very much!!
Continue reading...