Switching between HTTP and HTTPS pages with a secure session cookie

Time: 2022-10-20 18:28:19

Update: Note that every website switching between unsecure HTTP and encrypted HTTPS pages is inevitably prone to SSL-strip. Please think about using HTTPS for the whole site; although this cannot prevent SSL-strip either, at least it gives the user the possibility to call the site safely, if he cares. For sites that need to switch, this method is probably still the best option.

It's a common scenario that a website has pages with sensitive data, which should be accessed only with the HTTPS protocol, and other ones with noncritical data.

I found a solution which allows switching between secure and non-secure pages while keeping the session, and would like to ask you for any hints about flaws in the concept. You can find the whole article here: Secure session cookie with SSL (of course I'm also happy to hear that it is safe).

The problem

HTTPS makes sure that nobody between client and server can eavesdrop on our communication, and prevents a man-in-the-middle attack. Unfortunately this doesn't apply to the session cookie; it is sent with unencrypted requests too.

PHP offers the function session_set_cookie_params(...) with the parameter $secure. This is what we need, but it leaves us with the problem that we lose our session when we switch to an unsecure page.

The authentication cookie

The idea of the authentication cookie is that when the user enters his password (increases his access privileges), we create a second cookie in addition to the unsecure session cookie, and make sure that only encrypted HTTPS pages have access to it.

https://www.example.com/login.php

<?php
  session_start();
  // regenerate session id to make session fixation more difficult
  session_regenerate_id(true);

  // generate random code for the authentication cookie and store it in the session
  // (md5/uniqid/mt_rand is not a CSPRNG; on PHP 7+ bin2hex(random_bytes(16)) is the stronger source)
  $authCode = md5(uniqid(mt_rand(), true));
  $_SESSION['authentication'] = $authCode;

  // create authentication cookie, and restrict it to HTTPS pages
  // (expire 0 = session cookie, path '/', domain '', secure = true, httponly = true)
  setcookie('authentication', $authCode, 0, '/', '', true, true);

  print('<h1>login</h1>');
  // ...
?>

Now every page (HTTPS and HTTP) can read the unsecure session cookie, but pages with sensitive information can check for the secure authentication cookie.

https://www.example.com/secret.php

<?php
  session_start();

  // check that the authentication cookie exists, and that
  // it contains the same code which is stored in the session.
  // isset() avoids a notice when no login has happened yet;
  // hash_equals() compares the untrusted cookie value in constant time.
  $pageIsSecure = isset($_SESSION['authentication'], $_COOKIE['authentication'])
    && is_string($_COOKIE['authentication'])
    && hash_equals($_SESSION['authentication'], $_COOKIE['authentication']);

  if (!$pageIsSecure)
  {
    // do not display the page, redirect to the login page
    header('Location: https://www.example.com/login.php');
    exit;
  }

  // ...
?>

An attacker could manipulate the session cookie, but he never has access to the authentication cookie. Only the person who entered the password can own the authentication cookie; it's always sent over encrypted HTTPS connections.

Thanks a lot for every answer!

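The two-cookie scheme from the question, gathered into reusable functions, as an added example that is not the asker's code. The function names, the SameSite setting, the use of random_bytes() and hash_equals(), and the HTTPS check on the login step are this example's choices (the options-array form of setcookie() needs PHP 7.3+); the cookie name 'authentication' and the login URL are taken from the question.

```php
<?php
// Added example, not the asker's code: the two-cookie scheme bundled into
// functions. Names, SameSite, random_bytes()/hash_equals() and the HTTPS check
// are assumptions of this example; cookie name and login URL come from the question.
declare(strict_types=1);

const AUTH_COOKIE = 'authentication';
const LOGIN_URL   = 'https://www.example.com/login.php';

function requestIsHttps(): bool
{
    return !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
}

// Call after the password has been verified. Must run on an HTTPS page: the
// Secure flag only controls where the browser sends the cookie back, so a
// cookie issued over plain HTTP would already have crossed the wire in clear.
function authLogin(): void
{
    if (!requestIsHttps()) {
        throw new RuntimeException('login must be served over HTTPS');
    }
    session_regenerate_id(true);            // new session id after the privilege change
    $authCode = bin2hex(random_bytes(32));  // 256-bit value from the CSPRNG
    $_SESSION[AUTH_COOKIE] = $authCode;

    setcookie(AUTH_COOKIE, $authCode, [
        'expires'  => 0,        // session cookie, dropped when the browser closes
        'path'     => '/',
        'secure'   => true,     // sent only over HTTPS
        'httponly' => true,     // not readable from JavaScript
        'samesite' => 'Lax',
    ]);
}

// True only if the request carries an authentication cookie that matches the
// value stored in the server-side session. Both halves are required: the
// cookie alone proves nothing without the session, and the session id alone
// is exactly what an eavesdropper on an HTTP page could have copied.
function pageIsSecure(): bool
{
    if (!isset($_SESSION[AUTH_COOKIE], $_COOKIE[AUTH_COOKIE])
        || !is_string($_COOKIE[AUTH_COOKIE])) {
        return false;
    }
    // Constant-time comparison of the untrusted cookie against the session value.
    return hash_equals($_SESSION[AUTH_COOKIE], $_COOKIE[AUTH_COOKIE]);
}

// Guard for a page with sensitive data: bounce to the login page otherwise.
function requireSecurePage(): void
{
    if (!pageIsSecure()) {
        header('Location: ' . LOGIN_URL, true, 303);
        exit;
    }
}

// Drop the privileged state while keeping the ordinary session alive.
function authLogout(): void
{
    unset($_SESSION[AUTH_COOKIE]);
    setcookie(AUTH_COOKIE, '', [
        'expires' => time() - 3600, 'path' => '/', 'secure' => true, 'httponly' => true,
    ]);
}

// A page such as secret.php would then start with:
session_start();
requireSecurePage();
```

Two points worth keeping in mind when using this: behind a TLS-terminating proxy $_SERVER['HTTPS'] is often not set, so requestIsHttps() has to be adapted to whatever the proxy passes through; and the ordinary session remains exposed on every HTTP page, so no privileged decision should ever be made from the session alone, only from pageIsSecure().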
1 solution

#1


23  

A simpler alternative: It is becoming an increasingly accepted alternative to use TLS all the time, rather than switching back and forth between secure and unsecure connections. The bulk of additional processing time is spent setting up the secure tunnel, but this is only done once and cached (typically). The symmetric encryption of subsequent traffic is very, very fast on modern processors. It's somewhat out-of-date thinking to believe that this would cause a server overhead or scalability issue.

In a recent blog post, a Google engineer reported that when they switched to HTTPS-only for GMail, they found their server overhead increased by only 4%. (Can't find the citation.)

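The "TLS all the time" alternative from the answer, written out as an added example that is not part of the answer: every plain-HTTP request is redirected to the canonical HTTPS URL, the session cookie itself carries the Secure flag through session_set_cookie_params(), and an HSTS header tells browsers to stop issuing plain-HTTP requests for the host. The host name, the max-age value and the function names are assumptions; session_set_cookie_params() with an options array needs PHP 7.3+.

```php
<?php
// Added example, not from the answer: whole-site HTTPS instead of switching.
// Host name, max-age and function names are assumptions of this example.
declare(strict_types=1);

const CANONICAL_HOST = 'www.example.com';   // fixed, so the Host header is never echoed back
const HSTS_MAX_AGE   = 31536000;            // one year, in seconds

function requestIsHttps(array $server): bool
{
    return !empty($server['HTTPS']) && $server['HTTPS'] !== 'off';
}

// Builds the HTTPS URL a plain-HTTP request is redirected to.
function httpsTarget(array $server): string
{
    $path = $server['REQUEST_URI'] ?? '/';
    // Accept only a path-and-query; anything else would make this an open redirect.
    if ($path === '' || $path[0] !== '/' || substr($path, 0, 2) === '//') {
        $path = '/';
    }
    return 'https://' . CANONICAL_HOST . $path;
}

function enforceHttps(): void
{
    if (!requestIsHttps($_SERVER)) {
        header('Location: ' . httpsTarget($_SERVER), true, 301);
        exit;
    }
    // Only honoured on HTTPS responses; browsers ignore HSTS received over HTTP.
    header('Strict-Transport-Security: max-age=' . HSTS_MAX_AGE . '; includeSubDomains');
}

// With every page on HTTPS there is no session to lose, so the ordinary
// session cookie can be marked Secure directly; the second cookie from the
// question is no longer needed.
function startSecureSession(): void
{
    session_set_cookie_params([
        'lifetime' => 0,
        'path'     => '/',
        'secure'   => true,
        'httponly' => true,
        'samesite' => 'Lax',
    ]);
    session_start();
}

enforceHttps();
startSecureSession();
```

The HSTS header addresses the SSL-strip point raised in the question's update: once a browser has received it over HTTPS, it will not issue plain-HTTP requests to the host until max-age expires, so there is no unencrypted request left to downgrade; only the very first visit remains unprotected unless the host is on the browsers' preload list.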