Re: why am I getting an authenticate dialog with no [protect]?

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 36092
interpreted = N
texte = on 11.08.2000 19:08, Steven Jarvis at sjarvis@nwaonline.net wrote:> ...I'm actually passing an Append command to the db, > and I didn't have Append in the list of allowed non-admin commands, as Chris > Allman suggest. I added Append to that list and the problem is now solved! I recommend NOT to use commands at all. Anybody can alter your database by simply playing with the URL. Of course, in a limited way this is possibly with context's too, but better controllable by the programmer. Meaningful commands in the URL are an invitation for hobby-hackers. They only need some phantasy, experience or a Webcat manual to destroy your site... Peter ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
  2. Re: why am I getting an authenticate dialog with no [protect]? (WebDNA Support 2000)
  3. Re: why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
  4. Re: why am I getting an authenticate dialog with no [protect]? (Peter Ostry 2000)
  5. Re: why am I getting an authenticate dialog with no [protect]? (Marty Schmid 2000)
  6. Re: why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
  7. Re: why am I getting an authenticate dialog with no [protect]? (WebDNA Support 2000)
  8. Re: why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
  9. Re: why am I getting an authenticate dialog with no [protect]? (WebDNA Support 2000)
  10. Re: why am I getting an authenticate dialog with no [protect]? (Chris Allman 2000)
  11. Re: why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
  12. Re: why am I getting an authenticate dialog with no [protect]? (Joseph D'Andrea 2000)
  13. why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
on 11.08.2000 19:08, Steven Jarvis at sjarvis@nwaonline.net wrote:> ...I'm actually passing an Append command to the db, > and I didn't have Append in the list of allowed non-admin commands, as Chris > Allman suggest. I added Append to that list and the problem is now solved! I recommend NOT to use commands at all. Anybody can alter your database by simply playing with the URL. Of course, in a limited way this is possibly with context's too, but better controllable by the programmer. Meaningful commands in the URL are an invitation for hobby-hackers. They only need some phantasy, experience or a Webcat manual to destroy your site... Peter ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Peter Ostry

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

F3 crashing server (1997) SERIAL NUMBER PROBLEM *AGAIN*!!! (1998) WebCat2: Items xx to xx shown, etc. (1997) For those of you not on the WebCatalog Beta... (1997) More Shopping Cart Problems (2000) WebCatalog and barcodes (2000) WebCat2 - [include] tags (1997) what characters are replaced for tab and CR? (1998) when is date system date or order date? (1997) For those of you not on the WebCatalog Beta... (1997) upgrading (1997) [SHOWIF] (1997) Some Questions (1997) Re2: Calculating multiple shipping... (1997) [protect] and identification (2008) Images (2000) WebDNA to Apache RewriteMap (2005) Attention all list readers (1997) WebMerchant Problem (1999) Setting up the server (1997)