2005-05-07
Google Web Accelerator - A Nice Wake-up Call
Google released a beta of their new Web Accelerator, and all hell promptly broke loose. Web accelerators have been around for the masses since dial-up, but with broadband and non-client-side accelerators like Akamai that cache content off your local computer, many of us haven't needed to install acceleration on our computers. Enter Google and their recent foray into web acceleration. When Google speaks, people (and especially geeks like me) listen, so we dutifully installed the web accelerator to see what new marvels Google has cooked up. The results, for some, weren't pleasant.
The Google Web Accelerator (call it GWA) accelerates by prefetching the links it sees on your current page. Since it's looking over your shoulder as you surf the web from your browser, it can also follow you into administrative areas on web pages, and if there are links that say "delete mail" or "destroy my data," it will check those out too. Some people have lost data.
On the positive side, this problem has focused many web developers' attention on the use of links to modify data. Preferably, the simple link (or GET) shouldn't modify the data store; it should only return data. GETs should be idempotent and a POST form should be used when we actually plan to modify data. Lesson 1.
Once you dig a little deeper, though, GWA casts a nice light on a whole range of security concerns that affect both GET and POST ways of handling actions that do sensitive things, like delete data or change passwords. And it couldn't have come at a better time for Rails developers as they work towards The Version 1.0. Better to get this stuff right sooner rather than later.
I don't like POSTs too much, because as Steve Krug and other usability experts point out, we are fond of the BACK button. We click here and there and if we don't find what we want, we go back. If you go back through a POST, though, you are often greeted with a popup window.
I wonder about the HTML PUT, one of the less discussed HTML methods, but it doesn't seem to be in the HTML 4.01 specs. The best idea I've read is using random form keys to help identify POSTed data's origin. And now I'm motivated to look over articles on REST and Roy Fielding's seminal dissertation. A nice shorter paper on REST available in PDF format (328 KB): "Principled Design of the Modern Web Architecture" by Fielding and Taylor. Nothing like a little crisis and a large flame war to help developers learn new things :)
The Google Web Accelerator (call it GWA) accelerates by prefetching the links it sees on your current page. Since it's looking over your shoulder as you surf the web from your browser, it can also follow you into administrative areas on web pages, and if there are links that say "delete mail" or "destroy my data," it will check those out too. Some people have lost data.
On the positive side, this problem has focused many web developers' attention on the use of links to modify data. Preferably, the simple link (or GET) shouldn't modify the data store; it should only return data. GETs should be idempotent and a POST form should be used when we actually plan to modify data. Lesson 1.
Once you dig a little deeper, though, GWA casts a nice light on a whole range of security concerns that affect both GET and POST ways of handling actions that do sensitive things, like delete data or change passwords. And it couldn't have come at a better time for Rails developers as they work towards The Version 1.0. Better to get this stuff right sooner rather than later.
I don't like POSTs too much, because as Steve Krug and other usability experts point out, we are fond of the BACK button. We click here and there and if we don't find what we want, we go back. If you go back through a POST, though, you are often greeted with a popup window.
I wonder about the HTML PUT, one of the less discussed HTML methods, but it doesn't seem to be in the HTML 4.01 specs. The best idea I've read is using random form keys to help identify POSTed data's origin. And now I'm motivated to look over articles on REST and Roy Fielding's seminal dissertation. A nice shorter paper on REST available in PDF format (328 KB): "Principled Design of the Modern Web Architecture" by Fielding and Taylor. Nothing like a little crisis and a large flame war to help developers learn new things :)
