I’ve developed a CMS app, that stores all the client’s files on their server but does the processing on mine (i.e. keeping hold of the valuable code I developed, while not allowing user submitted code to make my site vulnerable). Now the issue is the user has a control panel to edit their website, this is hosted on their website, it’s a 1 page thing, but the login details/sessions are always on my website.
I was thinking of having a way of making the edit page on there site only accessible if a token passed is valid, both sites can have the same way to develop and check the same token. Is this acceptable security, I mean the only exploit I can think of is if the URL was somehow sniffed and used independently in the same time frame that the token is still valid. Checking headers is an optional extra bit of security but these can be faked so it’s not an absolute solution. I don’t know how easy it is to sniff a users web traffic, would this method be ok to use?
Thanks in advance.
Well, sniffing attacks are readily defeated by just encrypting your transport (i.e. using SSL), so long as you also verify certificates (to defeat a man-in-the-middle attack).
I’m not sure I fully understand your setup, but it seems like you should have the edit page call out to your backend server, passing it the token for authentication. Is that what you intended, or…?