Skip to main content
AI Assist is now on Stack Overflow. Start a chat to get instant answers from across the network. Sign up to save and share your chats.

Return to Answer

replaced http://stackoverflow.com/ with https://stackoverflow.com/
Source Link
URL Rewriter Bot
URL Rewriter Bot

One way to check if a value has changed from its original state (server side), is through HMAC mechanism.

Basically it generates a hash based on a string and secret key, and this hash is sent along with the form as a hidden field (http get), if the value is changed by the customer then the recalculation of the hash (http post) will be different from what is stored in the hidden field, then you know that someone change the value of that field.

This may be a little overworked but is one of the safest methods.

https://security.stackexchange.com/questions/20129/how-when-do-i-use-hmac

How to generate HMAC-SHA1 in C#?How to generate HMAC-SHA1 in C#?

One way to check if a value has changed from its original state (server side), is through HMAC mechanism.

Basically it generates a hash based on a string and secret key, and this hash is sent along with the form as a hidden field (http get), if the value is changed by the customer then the recalculation of the hash (http post) will be different from what is stored in the hidden field, then you know that someone change the value of that field.

This may be a little overworked but is one of the safest methods.

https://security.stackexchange.com/questions/20129/how-when-do-i-use-hmac

How to generate HMAC-SHA1 in C#?

One way to check if a value has changed from its original state (server side), is through HMAC mechanism.

Basically it generates a hash based on a string and secret key, and this hash is sent along with the form as a hidden field (http get), if the value is changed by the customer then the recalculation of the hash (http post) will be different from what is stored in the hidden field, then you know that someone change the value of that field.

This may be a little overworked but is one of the safest methods.

https://security.stackexchange.com/questions/20129/how-when-do-i-use-hmac

How to generate HMAC-SHA1 in C#?

replaced http://security.stackexchange.com/ with https://security.stackexchange.com/
Source Link
URL Rewriter Bot
URL Rewriter Bot

One way to check if a value has changed from its original state (server side), is through HMAC mechanism.

Basically it generates a hash based on a string and secret key, and this hash is sent along with the form as a hidden field (http get), if the value is changed by the customer then the recalculation of the hash (http post) will be different from what is stored in the hidden field, then you know that someone change the value of that field.

This may be a little overworked but is one of the safest methods.

http://security.stackexchange.com/questions/20129/how-when-do-i-use-hmachttps://security.stackexchange.com/questions/20129/how-when-do-i-use-hmac

How to generate HMAC-SHA1 in C#?

One way to check if a value has changed from its original state (server side), is through HMAC mechanism.

Basically it generates a hash based on a string and secret key, and this hash is sent along with the form as a hidden field (http get), if the value is changed by the customer then the recalculation of the hash (http post) will be different from what is stored in the hidden field, then you know that someone change the value of that field.

This may be a little overworked but is one of the safest methods.

http://security.stackexchange.com/questions/20129/how-when-do-i-use-hmac

How to generate HMAC-SHA1 in C#?

One way to check if a value has changed from its original state (server side), is through HMAC mechanism.

Basically it generates a hash based on a string and secret key, and this hash is sent along with the form as a hidden field (http get), if the value is changed by the customer then the recalculation of the hash (http post) will be different from what is stored in the hidden field, then you know that someone change the value of that field.

This may be a little overworked but is one of the safest methods.

https://security.stackexchange.com/questions/20129/how-when-do-i-use-hmac

How to generate HMAC-SHA1 in C#?

Source Link
JOBG
JOBG
  • 4.6k
  • 4
  • 30
  • 48

One way to check if a value has changed from its original state (server side), is through HMAC mechanism.

Basically it generates a hash based on a string and secret key, and this hash is sent along with the form as a hidden field (http get), if the value is changed by the customer then the recalculation of the hash (http post) will be different from what is stored in the hidden field, then you know that someone change the value of that field.

This may be a little overworked but is one of the safest methods.

http://security.stackexchange.com/questions/20129/how-when-do-i-use-hmac

How to generate HMAC-SHA1 in C#?