Re: Variable security
This WebDNA talk-list message is from 2000
It keeps the original formatting.
numero = 33448
interpreted = N
texte = This was all covered during beta. Ken screamed that he didn't want to touch a single line of his 3.0 WebDNA, even if it meant that we shipped a product with a security hole. We would have preferred to plug the hole completely, but were talked into a hybrid approach that allows people to continue to write sites that are not secure.Our very clear policy is that we will not knowingly ship a product which has a default behavior that is not secure. By providing the extra parameter as workaround for legacy code, we have also provided for those people who wish to continue writing code in the old way. But it requires a conscious act to make the variables un-secure. This is preferable to forcing all future customers to resort to a conscious act to make their sites *secure*.We came up with a good compromise during beta, and everyone was as happy as is possible in such a situation.Grant Hulbert, Director of Engineering **********************************Smith Micro, Internet Solutions Div | eCommerce (WebCatalog)16855 West Bernardo Drive, #380 | -------------------------San Diego, CA 92127 | Software & Site DevelopmentMain Line: (858) 675-1106 | http://www.smithmicro.com Fax: (858) 675-0372 **********************************#############################################################This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to To switch to the INDEX mode, E-mail to Send administrative queries to
Associated Messages, from the most recent to the oldest:
This was all covered during beta. Ken screamed that he didn't want to touch a single line of his 3.0 WebDNA, even if it meant that we shipped a product with a security hole. We would have preferred to plug the hole completely, but were talked into a hybrid approach that allows people to continue to write sites that are not secure.Our very clear policy is that we will not knowingly ship a product which has a default behavior that is not secure. By providing the extra parameter as workaround for legacy code, we have also provided for those people who wish to continue writing code in the old way. But it requires a conscious act to make the variables un-secure. This is preferable to forcing all future customers to resort to a conscious act to make their sites *secure*.We came up with a good compromise during beta, and everyone was as happy as is possible in such a situation.Grant Hulbert, Director of Engineering **********************************Smith Micro, Internet Solutions Div | eCommerce (WebCatalog)16855 West Bernardo Drive, #380 | -------------------------San Diego, CA 92127 | Software & Site DevelopmentMain Line: (858) 675-1106 | http://www.smithmicro.com Fax: (858) 675-0372 **********************************#############################################################This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to To switch to the INDEX mode, E-mail to Send administrative queries to
Grant Hulbert
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Aaron kant add (or whatever it was) (2000)
Document Contains No Data! (1997)
Just Testing (1997)
Searching for ALL / empty form field (1997)
the comparison character \ (2000)
Works! (1997)
Tab Charactor (1997)
403 Forbidden Errors (2003)
Sku numbers (1997)
Please.. copies of Digest for 7/29 and 7/30? (1997)
WebCatalog2 Feature Feedback (1996)
Purchased cart being overwritten - still !?? (1997)
Email within tmpl ? (1997)
Newbie from and old bee (1997)
SMSI -- a [notfound] context? (2002)
[shownext max (1997)
ErrorMessages.db suggestion (1997)
Associative lookup style? (1997)
RE: New WebCatalog Version !!! (1997)
WC2.0 Memory Requirements (1997)