I am implementing a “Report an Issue” menu in my app to allow users to send any reports directly to my website. I have got it all working and tested it, no problems. I am using HTTPSocket to upload and have a PHP script on the web-server which simply appends a text file with the uploaded comments in CSV format.
The user simply enters text in a text area on a window in my app and they can optionally enter their email address in a text field if they wish to have a response.
What security issues should I consider? Am I going to have issues sandboxing my app with this feature for distribution on the MAS?
Thanks
How about the PHP script… what happens if I trigger it manually sending a lot of text multiple times ?
Tobias.
I am not sure about MAS, but if you wanted to prevent spam bots from potentially finding your script, you could add in a parameter that that your app generates and your service is expecting. It would have to be a dynamic value, but be careful about relying on date/time. It is getting more rare w/everyones clocks syncing, you are not guaranteed that the users clock is set properly.
Then on the PHP side of things, silently reject requests w/o that key.
Now, about other security issues… You mention HTTP, not HTTPS so I am assuming all of this is sent over the clear wire, thus anything included in the report is up for grabs. Will a user type in, “I tried to login with my normal password of ‘secret’” or will your app be sending any other private data that you don’t want others to see? An easy solution for this would be to use HTTPSecureSocket.
[quote=18519:@Jeremy Cowgar]Now, about other security issues… You mention HTTP, not HTTPS so I am assuming all of this is sent over the clear wire, thus anything included in the report is up for grabs. Will a user type in, “I tried to login with my normal password of ‘secret’” or will your app be sending any other private data that you don’t want others to see? An easy solution for this would be to use HTTPSecureSocket.
[/quote]
Jeremy yes I thought about this. I don’t have a ssl script installed on my server (yet). The other thing I though about doing was encrypt at the client (app) and then send to the server. I can then decrypt offline when I download the text file.
I like the idea of requiring some sort of key in my php script to permit the message to be inserted in the text file.
[quote=18516:@Tobias Eichner]How about the PHP script… what happens if I trigger it manually sending a lot of text multiple times ?
Tobias.[/quote]
Tobias, yes at the moment this is possible. I think Jeremy’s idea of requiring a key to insert the data into the text file would overcome this.