Re: Google Web Accelerator
This WebDNA talk-list message is from 2005
It keeps the original formatting.
numero = 62009
interpreted = N
texte = I agree. WA will not be installed on my computer. Could you imagine a test page for removing records wiping out an entire db? It would defeat IP based security measures too. I see too many problems to allow this thing access to my servers.-----Original Message-----From: Jay Van Vark
Sent: Thu, 12 May 2005 08:08:24 -0700To: "WebDNA Talk" Subject: Re: Google Web AcceleratorBeyond the really destructive, like the admin stuff we are talking about... What about the user experience of pre-fetching an "add to cart" or a "remove from cart" link...? Seems like the rewrite rules at the server level are the best solution...On May 12, 2005, at 8:03 AM, devaulw@onebox.com wrote:> If someone doesn't have access, the WA doesn't confer it.>> If someone does have access, WA does permit destructive access.> Who wants their proxy server to do that?>> -----Original Message-----> From: Donovan Brooke > Sent: Thu, 12 May 2005 06:58:37 -0500> To: "WebDNA Talk" > Subject: Re: Google Web Accelerator>> sal danna wrote:>> [snip]They can't get to password protected areas, they don't cache>> https links, they don't cache news or large files. If you have the>> ability to "delete" or "cancel" something sensitive without all of >> those>> protections you are just asking for it to be deleted or >> canceled.[/snip]>> Doesn't matter if it's password protected or not because Google Web>> Accelerator is software you install in your browser so it's seeing>> whatever you are seeing (even if it's password protected). This is>> what the first link says you should do to protect your site:>> "If you have a web app, it might be worth returning a 403 when the>> HTTP_X_MOZ is set to "prefetch" header is sent. This will keep Web>> Accelerator from clicking destructive links.">> Sal D'Anna>> I guess I don't get your point Sal, if its installed on someoneelses> browser that doesn't have access to my sensitive content, how is that> a problem?>> Donovan>>>> -- > =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o> DONOVAN D. BROOKE Eucalyptus Design> <-Web Development (specializing in eCommerce), ->> <- Graphic Design, Custom Tags and Labels ->>> ADDRESS:> Donovan Brooke> DBA Eucalyptus Design> N2862 Summerville Park Rd.> Lodi, WI 53555> PH:> 1.608.592.3567> Web:> http://www.euca.us> =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/>>>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/>>Jay Van Vark'Guiding Positive Change in High-Tech Companies'voice (858) 229-3102efax (801) 659-7952http://www.vanvark.net-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
I agree. WA will not be installed on my computer. Could you imagine a test page for removing records wiping out an entire db? It would defeat IP based security measures too. I see too many problems to allow this thing access to my servers.-----Original Message-----From: Jay Van Vark Sent: Thu, 12 May 2005 08:08:24 -0700To: "WebDNA Talk" Subject: Re: Google Web AcceleratorBeyond the really destructive, like the admin stuff we are talking about... What about the user experience of pre-fetching an "add to cart" or a "remove from cart" link...? Seems like the rewrite rules at the server level are the best solution...On May 12, 2005, at 8:03 AM, devaulw@onebox.com wrote:> If someone doesn't have access, the WA doesn't confer it.>> If someone does have access, WA does permit destructive access.> Who wants their proxy server to do that?>> -----Original Message-----> From: Donovan Brooke > Sent: Thu, 12 May 2005 06:58:37 -0500> To: "WebDNA Talk" > Subject: Re: Google Web Accelerator>> sal danna wrote:>> [snip]They can't get to password protected areas, they don't cache>> https links, they don't cache news or large files. If you have the>> ability to "delete" or "cancel" something sensitive without all of >> those>> protections you are just asking for it to be deleted or >> canceled.[/snip]>> Doesn't matter if it's password protected or not because Google Web>> Accelerator is software you install in your browser so it's seeing>> whatever you are seeing (even if it's password protected). This is>> what the first link says you should do to protect your site:>> "If you have a web app, it might be worth returning a 403 when the>> HTTP_X_MOZ is set to "prefetch" header is sent. This will keep Web>> Accelerator from clicking destructive links.">> Sal D'Anna>> I guess I don't get your point Sal, if its installed on someoneelses> browser that doesn't have access to my sensitive content, how is that> a problem?>> Donovan>>>> -- > =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o> DONOVAN D. BROOKE Eucalyptus Design> <-Web Development (specializing in eCommerce), ->> <- Graphic Design, Custom Tags and Labels ->>> ADDRESS:> Donovan Brooke> DBA Eucalyptus Design> N2862 Summerville Park Rd.> Lodi, WI 53555> PH:> 1.608.592.3567> Web:> http://www.euca.us> =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/>>>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/>>Jay Van Vark'Guiding Positive Change in High-Tech Companies'voice (858) 229-3102efax (801) 659-7952http://www.vanvark.net-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
devaulw@onebox.com
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
WebCat Admin access w/ClearlyHome p.i. (1997)
HELP WITH DATES (1997)
PSC recommends what date format yr 2000??? (1997)
Instructions for Digest (1997)
[searchString] (1997)
The Mysterious '<' (1998)
Force a search at the default.tmpl page? (1997)
docs for WebCatalog2 (1997)
Read and weep (2003)
international time (1997)
ReadDateFormat bug in 3.x (1998)
RE: [WebDNA] Search using CL (2017)
Help name our technology! I found it (1997)
Duplicate Carts (2000)
WebCat2b15MacPlugin - showing [math] (1997)
Date problems (1997)
Classified Ads 4 Sale (1998)
[OT] Tumbleweed.... (2004)
WebCat2: Items xx to xx shown, etc. (1997)
Help! WebCat2 bug (1997)