i keep hearing that i shouldn't be using primary keys in my asp.net mvc url
for example: /Users/Edit/1243
what is the issue here?
what is the alternative, putting in user names? as you want it to be unique, it seems like primary key is the cleanest option
thoughts?
I don't see any problem with putting the primary key on the URL (neither do the creators of Stack Overflow and countless other sites either for that matter). One thing that is often done is to supply the primary key and also supply a SEO and user friendly "slug" that is a human-readable title of the data that the identifier links to.
If you intend to identify a resource (in your case, a user account) you will have to supply a unique identifier on the URL. Even if you decide to not use the primary key you must still choose an identifier that cannot change.
There could be two reasons
- Security consern
- SEO Optimization
putting usernames seems to be a good alternative
I think you should keep that primary key - otherwise how will you identify your entity.
Two points:
There's no real issue with using the primary key, especially if it's int (guids make for ugly urls).
An edit is a bad example, what if you had something like
www.example.org/users/1234
That doesn't really tell you much. and if it's a profile page it's awfully counter-intuitive.
The right URL for the right job.
One of the issues with putting (numeric) primary keys in the URL is someone (or some search engine) could start replacing the number with other numbers to see what you've got in your db. Often this isn't a problem, but if...
...you have to make sure you do permission checking in your Action method to ensure no one sees data they shouldn't. As long as you are doing the proper permission checking on each request - primary keys shouldn't pose a problem.