|
|
|
|
|
|
by frederikb
990 days ago
|
|
|
In any case regardless of UUIDv4, v7 or any other format you should not allow the untrusted client to determine the real ID - as long as there is at least one trusted component in the architecture which would take over this role. This should help eliminate a whole set of possible security issues. |
|
|