Use one session token to reference properties stored in a server-side cache.

Question

1.00/5 (1 vote)

See more:

I am working on application by using Java as back end and Ionic-Angular is for the front end.
But I am getting Parameter Manipulation issues as below.

Manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control.

Would you please somebody help me to fix this issue.

What I have tried:

I am trying to fix on the server side cache, but not completely, I only tried.

Posted 8-Nov-18 19:11pm

Member 14048948

Add a Solution

Comments

Afzaal Ahmad Zeeshan 9-Nov-18 4:09am

I guess the problem is that your parameters, that are being passed are being modified. Perhaps, one of the reasons is a mismatch of the key being used for traffic encryption (I being applied).

Please see the following links to understand why it might be happening,
https://ieeexplore.ieee.org/document/6296103
https://www.owasp.org/index.php/Web_Parameter_Tampering

I assume it would be because Ionic is not doing anything, and Java expects it to do something with the data being passed. Under any case, please see how Ionic and Java (which framework?) connects and provides a service.

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)