Closed kevinlee12 closed 8 years ago
Personally, I would like to decrease the id space so that it looks better, but security > aesthetics.
Perhaps assigning pk values using: http://stackoverflow.com/a/28469575
For reference purposes: https://docs.djangoproject.com/en/1.9/ref/models/fields/#uuidfield
Fixed in 4256d55
Note, this is more of a reminder than a feature request/issue.
Publicly visible IDs that take the form of /entry/123, /activity/32, etc. should be randomized into base 64 ids. Something like the following:

The rationale is to prohibit users (or attackers) from searching the objects sequentially through the site. The use of UUIDs is to ensure that there is sufficient space to guarantee uniqueness and using base64 to encode the output of the uuid allows for a URL safe display.
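
An added example, not code from this issue or from the project's repository: one way to produce the identifiers described above in plain Python, with a version 4 UUID as the stored value and unpadded URL-safe base64 as the form shown in URLs. The function names and `SLUG_LEN` are hypothetical; the decoder rejects non-canonical input so that each object has exactly one valid URL.

```python
import base64
import binascii
import uuid

SLUG_LEN = 22  # 16 bytes -> 24 base64 chars, minus the two '=' padding chars


def new_public_id() -> uuid.UUID:
    """Random (version 4) UUID: 122 random bits drawn from os.urandom."""
    return uuid.uuid4()


def encode_public_id(value: uuid.UUID) -> str:
    """URL-safe base64 of the 16 raw UUID bytes, padding stripped."""
    return base64.urlsafe_b64encode(value.bytes).rstrip(b"=").decode("ascii")


def decode_public_id(slug: str) -> uuid.UUID:
    """Parse a slug taken from a URL; raise ValueError if it is not canonical."""
    if len(slug) != SLUG_LEN:
        raise ValueError("wrong length")
    try:
        # Restore the stripped padding and decode with the '-' / '_' alphabet.
        raw = base64.b64decode(slug + "==", altchars=b"-_", validate=True)
    except (binascii.Error, ValueError) as exc:
        raise ValueError("not URL-safe base64") from exc
    value = uuid.UUID(bytes=raw)
    # 22 characters carry 132 bits for a 128-bit value, and '+' or '/' would
    # also decode. Re-encode and compare so aliases of the same id are refused.
    if encode_public_id(value) != slug:
        raise ValueError("non-canonical encoding")
    return value


if __name__ == "__main__":
    pk = new_public_id()
    slug = encode_public_id(pk)
    print(f"/entry/{slug}")           # 22-character path segment
    print(decode_public_id(slug) == pk)
    for bad in ("123", "A" * 21 + "B"):  # constructed invalid inputs
        try:
            decode_public_id(bad)
        except ValueError as err:
            print(f"rejected {bad!r}: {err}")
```

A random identifier only stops sequential enumeration; each view still needs its own authorization check on the object it loads.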