views: 47, answers: 3

We are building a service that uses location-based pricing. The user can input an address and see prices in his area as determined by various server-side algorithms. It is then possible to order items based on these prices.

I'm trying to figure out if there is a way we can use client-side geocoding in this scenario (to avoid hitting Google Maps API usage limits), e.g. the user enters his address and the browser fetches the geocode result using the JS library and includes it in the form submission. The problem is that the user could tamper with the form submission and potentially place orders to his address for prices that apply to a different set of coordinates.

I'd like to hear your suggestions about how I can secure this. For example, it would be amazing if the geocode result could be signed somehow to verify that it hasn't been tampered with?

+5  A: 

Never trust data created client-side. Anything you can do client-side, they can.

Kristoffer S Hansen
If the Google Maps API signed the result that would be one solution. I am aware of the tampering issue, this is why I asked the question.
Nikolaj
@Nikolaj: But they don't.
Piskvor
+2  A: 

If you want the client machine to do the request, you are going to be a bit limited in the security aspect of this, as it would all be JavaScript, and a malicious user could inspect the script and see what you are doing. Therefore even attempts at "securing" it would be limited in success.

My only recommendation would be to do a "final validation" server-side just as the user is submitting their results. This should reduce the API hits on your server side, but will keep the security 100% valid.

Mitchel Sellers
Yeah, if I do a final validation as the order is placed I suppose it becomes a luxury problem of having too many people wanting to buy stuff :)
Nikolaj
Bingo! You get the benefit of local user storage, but the security of validating it yourself.
Mitchel Sellers
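The "final validation" this answer recommends, worked through as an added example (not code from the question or any answer): the browser may geocode freely while the user browses, but at order time the server geocodes the submitted address itself, compares the result against the client-supplied coordinates, and computes the price only from its own result. The `server_geocode` lookup table is a constructed stand-in for a real server-side call to the Google Maps Geocoding API, `price_for` is a hypothetical pricing rule, and the 500 m drift tolerance is an assumed value to absorb rounding differences between geocoder runs.

```python
"""Server-side final validation of a client-supplied geocode result.

Added example. The geocoder and pricing rule below are constructed stand-ins;
a real service would call its own geocoding API once per order here.
"""
import math
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed stand-in for the server's own geocoder (not the Google API).
KNOWN_ADDRESSES = {
    "1 main st, springfield": (39.7817, -89.6501),
    "1 ocean dr, miami": (25.7617, -80.1918),
}

# Assumed tolerance for legitimate differences between two geocoder runs.
MAX_DRIFT_M = 500.0


def server_geocode(address: str) -> Optional[Tuple[float, float]]:
    """Geocode on the server; returns None if the address is unknown."""
    key = " ".join(address.lower().split())
    return KNOWN_ADDRESSES.get(key)


def price_for(lat: float, lng: float) -> float:
    """Hypothetical pricing rule: the southern zone is the expensive one."""
    return 20.00 if lat < 30.0 else 10.00


def haversine_m(lat1: float, lng1: float, lat2: float, lng2: float) -> float:
    """Great-circle distance in metres between two WGS84 points."""
    r = 6_371_000.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lng2 - lng1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))


@dataclass
class OrderResult:
    accepted: bool
    price: Optional[float]
    reason: str


def validate_order(address: str, client_lat: float, client_lng: float) -> OrderResult:
    """Re-geocode server-side at order time and price from the server's result.

    The client coordinates are only compared against the server's own result;
    they never feed the pricing logic, so editing the form submission cannot
    move an order into a cheaper zone.
    """
    server = server_geocode(address)
    if server is None:
        return OrderResult(False, None, "address could not be geocoded")
    lat, lng = server
    drift = haversine_m(lat, lng, client_lat, client_lng)
    if drift > MAX_DRIFT_M:
        # Log this server-side: a large drift is a tampering indicator worth alerting on.
        return OrderResult(False, None, f"client coordinates differ by {drift:.0f} m from server geocode")
    return OrderResult(True, price_for(lat, lng), "ok")


if __name__ == "__main__":
    print(validate_order("1 Ocean Dr, Miami", 25.7618, -80.1918))
    print(validate_order("1 Ocean Dr, Miami", 39.7817, -89.6501))
```

The drift check is a detection aid rather than the security control: even if the comparison were dropped, the charged price would still come from the server-side coordinates. Keeping the check gives you a signal (rejected orders with multi-kilometre drift) to monitor for users probing the form.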
+1  A: 

If the data's stored on the user's machine, they can do what they want with it. You might be able to encrypt it or something, or maybe store an ID to a table of geodata (like a zip code, but make up your own similar system) or a hash of the geodata or something, but whatever's stored on their machine is theirs.

FrustratedWithFormsDesigner
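Google does not sign geocode results (as noted in the comments above), but the server can: it geocodes and prices the address once, hands the browser a signed quote token, and at order time verifies the token instead of trusting loose coordinates. This is an added example of that pattern, not code from the thread; it uses a constructed `SECRET_KEY` (in practice loaded from server configuration and never sent to the client), an HMAC-SHA256 tag, and an assumed 15-minute quote lifetime. It does not remove the server-side geocoding step, but it means the price the user saw is exactly the price charged, and any edit to the stored data is detected.

```python
"""Server-signed quote tokens for a location-priced order flow (added example).

The server is the signer: it geocodes and prices once, then the client carries
an HMAC-protected token back with the order. Nothing here relies on the client.
"""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo key; a real deployment loads this from server-side config.
SECRET_KEY = b"constructed-demo-key-do-not-reuse"


def _sign(body: str) -> str:
    return hmac.new(SECRET_KEY, body.encode(), hashlib.sha256).hexdigest()


def issue_quote(address: str, lat: float, lng: float, price: float,
                ttl_s: int = 900, now: Optional[float] = None) -> str:
    """Build 'payload.tag' after the server has geocoded and priced the address."""
    now = time.time() if now is None else now
    payload = {"address": address, "lat": lat, "lng": lng,
               "price": price, "exp": int(now + ttl_s)}
    # Canonical JSON so the same payload always produces the same bytes.
    raw = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    body = base64.urlsafe_b64encode(raw).decode()
    return f"{body}.{_sign(body)}"


def verify_quote(token: str, now: Optional[float] = None) -> Optional[dict]:
    """Return the quoted payload if the tag and expiry are valid, else None."""
    now = time.time() if now is None else now
    try:
        body, tag = token.split(".", 1)
    except ValueError:
        return None
    # Constant-time compare so the tag cannot be guessed byte by byte.
    if not hmac.compare_digest(_sign(body), tag):
        return None
    try:
        payload = json.loads(base64.urlsafe_b64decode(body.encode()))
    except (ValueError, TypeError):
        return None
    if payload.get("exp", 0) < now:
        return None
    return payload


def rewrite_price_without_resigning(token: str, new_price: float) -> str:
    """Test helper: alter the payload but keep the old tag, to show rejection."""
    body, tag = token.split(".", 1)
    payload = json.loads(base64.urlsafe_b64decode(body.encode()))
    payload["price"] = new_price
    raw = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return f"{base64.urlsafe_b64encode(raw).decode()}.{tag}"


if __name__ == "__main__":
    tok = issue_quote("1 Ocean Dr, Miami", 25.7617, -80.1918, 20.00)
    print(verify_quote(tok))
    print(verify_quote(rewrite_price_without_resigning(tok, 1.00)))
```

On order submission the server calls `verify_quote` and charges `payload["price"]`; the client never gets to submit a price or coordinates of its own. Bind the token to the session or user if quotes must not be transferable, and keep the TTL short so a stale quote cannot lock in an old price.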