Re: WebCatalog 4.0 has been released!

This WebDNA talk-list message is from

2000

It keeps the original formatting. numero = 32841
interpreted = N
texte = on 07.06.2000 18:47, John Peacock at JPeacock@UnivPress.com wrote:> Under existing 3.x sites, I can override _system variables_ like> [IPADDRESS] by simply adding &ipaddress=192.168.000.001 to the command> line. That is a big security hole, now plugged in 4.x.> > ...This is, IMNSHO, bad programming...Agree. I have a site where I did some navigtion stuff based on referer.Finally I came under pressure and solved some problems with this nastytechnique in links: ?referer=index2.tplFine, this might kill the site if we go with 4.0 now - but it is not thefault of the program, when a developer discovers a bug and turns it into afeature...Peter-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

Re: WebCatalog 4.0 has been released! (Jay Van Vark 2000)
Re: WebCatalog 4.0 has been released! (Chris Brandt 2000)
Re: WebCatalog 4.0 has been released! (Jay Van Vark 2000)
Re: WebCatalog 4.0 has been released! (Mark Derrick 2000)
Re: WebCatalog 4.0 has been released! (Peter Ostry 2000)
Re: WebCatalog 4.0 has been released! (Alex McCombie 2000)
Re: WebCatalog 4.0 has been released! (Joseph D'Andrea 2000)
Re: WebCatalog 4.0 has been released! (John Peacock 2000)
Re: WebCatalog 4.0 has been released! (Joseph D'Andrea 2000)
Re: WebCatalog 4.0 has been released! (John Butler 2000)
Re: WebCatalog 4.0 has been released! (Alex McCombie 2000)
Re: WebCatalog 4.0 has been released! (John Peacock 2000)
Re: WebCatalog 4.0 has been released! (Jay Van Vark 2000)
Re: WebCatalog 4.0 has been released! (Jay Van Vark 2000)
Re: WebCatalog 4.0 has been released! (Mark Derrick 2000)
Re: WebCatalog 4.0 has been released! (Paul Uttermohlen 2000)
Re: WebCatalog 4.0 has been released! (Jay Van Vark 2000)
Re: WebCatalog 4.0 has been released! (Mark Derrick 2000)
Re: WebCatalog 4.0 has been released! (Jay Van Vark 2000)
Re: WebCatalog 4.0 has been released! (Jay Van Vark 2000)
Re: WebCatalog 4.0 has been released! (Mike Heininger 2000)
Re: WebCatalog 4.0 has been released! (Peter Ostry 2000)
Re: WebCatalog 4.0 has been released! (Jesse Proudman 2000)
WebCatalog 4.0 has been released! (Jay Van Vark 2000)
WebCatalog 4.0 has been released! (Jay Van Vark 2000)

on 07.06.2000 18:47, John Peacock at JPeacock@UnivPress.com wrote:> Under existing 3.x sites, I can override _system variables_ like> [ipaddress] by simply adding &ipaddress=192.168.000.001 to the command> line. That is a big security hole, now plugged in 4.x.> > ...This is, IMNSHO, bad programming...Agree. I have a site where I did some navigtion stuff based on referer.Finally I came under pressure and solved some problems with this nastytechnique in links: ?referer=index2.tplFine, this might kill the site if we go with 4.0 now - but it is not thefault of the program, when a developer discovers a bug and turns it into afeature...Peter-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Peter Ostry

DOWNLOAD WEBDNA NOW!

Re: WebCatalog 4.0 has been released!

2000

Top Articles:

Related Readings: