I am having a real hard time to figure this out. Spent around 4 hours crawling the web no SO post to save me.
Imagine a scenario:
I have already written a chrome extension, that captures some particular actions on the webpage (mainly a button click). That action triggers a function, that captures the some user info and button info (all present on the page itself) and displays it
Now i want that the plugin should be able to update this into a database setup on a remote server.
Since I am fluent in PHP (and thus MySQL is good choice), I am looking for a solution to make sure that the updates are made ONLY AND ONLY from the extension itself.
For this I think the best option would be to run a GET/POST request something like http://remoteserver.tld/update-db.php?id=XXXX&action=YYYYY&foo=bar.... etc. But what happens if the user opens/passes post vars to this url outside plugin?
The data will still be updated and integrity will be lost!
The next best idea was to include keys with request, but again the extensions are written in JS, almost anyone can sniff out the keys.
Guide me to the best method to update the database on the remote server and make sure the action is authenticated.
Cheers!
The problem here is one of authentication basically, you want to prevent that anyone is able to update anyone elses datastore.
The most apparent fix for this is to send an additional parameter which is hard to enumerate (hashes are a good example) and which is assigned to only a single instance of your extension (so every user generates it's own authentication hash).
For this hash to be effective, it is important that it is not guessable. Do not create the hash solely based on static stuff like ip-adressess or user agent strings.
You could include these static strings to make collisions less likely tho: [pseudo] sha1(ip_address+user_agent+random_integer).
So basically for you this ends up in the following: let the extension generate a hash for the current instance if it runs for the first time, make an initial request to your server to 'register' this new instance, all subsequent requests which have this hash will authenticate to that instance.
also, use SSL encrypted connections to prevent sniffing.
Please don't solve this with security through obscurity like XORing all over the place, people will find out.
Oh and btw, if you're problem is about the data integrity itself, you can't fix that. The data sent is always user-supplied since everything that the machine does is under control of that user (assumingly).