
Object Reference

A direct object reference occurs when an application exposes to the client a reference to a server-side object, such as a file, directory, database record, or key. These references may be included in URLs or form parameters, and if the application uses them without an access-control check, a client can substitute another value and reach objects it was never meant to see.

Securing object references through the use of randomly generated indirect references has two consequences:

  • First, it means the data coming from the client must pass through the reference map. In this way the reference map does some limited validation, because an incoming indirect reference is only honored if it has an entry in the map, that is, if the application itself issued it.
  • Second, it defeats guessing of object references. It is almost certainly easier for an attacker to guess a new direct object reference (the next integer ID, a sibling filename) than a randomly generated indirect one.

Secure Object References

For a complete solution, take a look at ESAPI's Access Reference Map.

The typical way to implement a direct <-> indirect object reference mapping is with a bidirectional dictionary, also known as a bijection. There are a few options for doing this in Python:

The indirect references should be randomly generated with a cryptographically secure generator; sequential counters or values derived from the direct reference are predictable and defeat the purpose of the map.

The entire access reference map should be stored in the user's session, so that an indirect reference issued to one user is meaningless in any other user's session.
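The following is an added example, not code from the page or from ESAPI, that puts the points above together in Python: a bijective map between direct and indirect references, indirect references drawn from `secrets`, the map held in a per-user session, and a download handler that only honours references the map issued. The method names are modeled loosely on ESAPI's Access Reference Map but are this example's own; `USER_FILES`, the `session` dictionary and the file paths are constructed sample data.

```python
import secrets


class AccessReferenceMap:
    """Bidirectional map between direct (server-side) object references and
    random indirect (client-facing) references. Keep one instance per session."""

    def __init__(self, token_bytes=16):
        self._token_bytes = token_bytes
        self._direct_to_indirect = {}
        self._indirect_to_direct = {}

    def add_direct_reference(self, direct):
        """Return the indirect reference for `direct`, minting one if needed.
        Re-adding the same object returns the same token (bijection)."""
        if direct in self._direct_to_indirect:
            return self._direct_to_indirect[direct]
        while True:
            # CSPRNG-backed, URL-safe, so it can go straight into a link or form field.
            indirect = secrets.token_urlsafe(self._token_bytes)
            if indirect not in self._indirect_to_direct:
                break
        self._direct_to_indirect[direct] = indirect
        self._indirect_to_direct[indirect] = direct
        return indirect

    def get_direct_reference(self, indirect):
        """Resolve a client-supplied indirect reference. Unknown values raise
        KeyError: the map only answers for references it handed out."""
        return self._indirect_to_direct[indirect]

    def get_indirect_reference(self, direct):
        return self._direct_to_indirect.get(direct)

    def remove_direct_reference(self, direct):
        indirect = self._direct_to_indirect.pop(direct)
        del self._indirect_to_direct[indirect]


# Constructed sample data (hypothetical paths, not a real deployment).
USER_FILES = {
    "alice": ["/srv/data/alice/report.pdf", "/srv/data/alice/notes.txt"],
    "bob": ["/srv/data/bob/payroll.xlsx"],
}


def download_vulnerable(path):
    """The 'before' version: the client supplies the direct reference and the
    server uses it as-is. Any path the client can name is served."""
    return path


def render_file_list(session, user):
    """Build the links shown to `user`. The map lives in that user's session,
    so the tokens it mints are only resolvable from that same session."""
    arm = session.setdefault("access_reference_map", AccessReferenceMap())
    return {arm.add_direct_reference(path): path.rsplit("/", 1)[-1]
            for path in USER_FILES[user]}


def download(session, indirect_ref):
    """The hardened version: the client supplies an indirect reference, which is
    translated back through the session's map before anything is opened."""
    arm = session.get("access_reference_map")
    if arm is None:
        raise PermissionError("no references issued to this session")
    try:
        return arm.get_direct_reference(indirect_ref)
    except KeyError:
        raise PermissionError("reference was not issued to this session") from None


if __name__ == "__main__":
    alice_session = {}
    links = render_file_list(alice_session, "alice")
    for token, name in links.items():
        print(f"/download?ref={token}  ->  {name}")
    # A forged direct reference is served by the vulnerable handler...
    print(download_vulnerable("/srv/data/bob/payroll.xlsx"))
    # ...but rejected by the hardened one, even though the path is valid.
    try:
        download(alice_session, "/srv/data/bob/payroll.xlsx")
    except PermissionError as exc:
        print("rejected:", exc)
```

Note that the map still has to be combined with authorization when the direct reference is first added: it only guarantees that a client can name objects the application chose to show it, so the code that calls `add_direct_reference` is where the real access decision lives.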


  • Edited by Craig Younkins on 6/28/10 4:17 PM

An OWASP project created by Craig Younkins
