I am working on an Asp.Net MVC 3 / knockout.js site for several users, where they can store information about their sites. Here is a simple version of the model
class{
string Id
string Name
string Url
string Description
}
I want to create a very responsive user interface to all saving, etc. performed through Ajax.
So, the scenario is that the user added som sites to his list and clicks to save the json string posted on the Actionmethod in the controller.
Everything is working fine.
Problem:
How can I guarantee that the user has not violated the identifier and actually saves information about some other user sites?
Id, of course, hiddden, but any evil person with some knowledge on the Internet can easily change the identifier.