search

librespeed / speedtest

Self-hosted Speed Test for HTML5 and more. Easy setup, examples, configurable, mobile friendly. Supports PHP, Node, Multiple servers, and more
https://librespeed.org
GNU Lesser General Public License v3.0
12.11k stars 2.19k forks source link

Suggestion: HashIDs for telemetry links #186

Closed Dubz closed 5 years ago

Dubz commented 5 years ago

Description

Rather than having links like the following: https://example.com/speedtest/results/?id=1 You would get a link like: https://example.com/speedtest/results/?id=ejRe (This is an empty salt with a minimum length of 4)

Why it should be implemented

Block the ability to increment results ID number to harvest user data

Implementation suggestions

Customization for your own salt, minimum length, and alphabet of characters (leaving the default to the plugin's)

Website

https://hashids.org/

This does not require any changes to the database. Simply change the given link in the results to the encoded version, then decode the ID from the $_GET variable on visit.

adolfintel commented 5 years ago

The idea is good, but I don't want an external dependency on the project so I'll try to implement the idea myself when I have time.