Re: [WebDNA] Putting '&search' into URL killing all search contexts

This WebDNA talk-list message is from

2010


It keeps the original formatting.
numero = 105341
interpreted = N
texte = --0016e6da98a9f61723048914dc94 Content-Type: text/plain; charset=UTF-8 Brian, Hi - finally got your code to work once I put the exclamation mark item right at the top of the pre-parse script, i.e. before any comment tags. Thanks for this fix. Take care - Tom On Tue, Jun 15, 2010 at 5:38 PM, Brian Fries wrote: > Nice, Olin. Got me thinking, and I extended the concept thusly, checking > for several bad formvariables that may compromise your site's security: > > [formvariables name=search][redirect /][/formvariables] > [formvariables name=!][redirect /][/formvariables] > [formvariables name=text][redirect /][/formvariables] > [formvariables name=math][redirect /][/formvariables] > [formvariables name=encrypt][redirect /][/formvariables] > [formvariables name=decrypt][redirect /][/formvariables] > > > Brian Fries > BrainScan Software > > --0016e6da98a9f61723048914dc94 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Brian,

Hi - finally got your code to work once I put the= exclamation mark item right at the top of the pre-parse script, i.e. befor= e any comment tags.

Thanks for this fix.

Take care
- Tom



<= div class=3D"gmail_quote">On Tue, Jun 15, 2010 at 5:38 PM, Brian Fries <dna@brainscansoftware.com> wrote:
Nice, Olin. Got me thinking, and I extended = the concept thusly, checking for several bad formvariables that may comprom= ise your site's security:

[formvariables name=3Dsearch][redirect /][/formvariables]
[formvariables name=3D!][redirect /][/formvariables]
[formvariables name=3Dtext][redirect /][/formvariables]
[formvariables name=3Dmath][redirect /][/formvariables]
[formvariables name=3Dencrypt][redirect /][/formvariables]
[formvariables name=3Ddecrypt][redirect /][/formvariables]


Brian Fries
BrainScan Software

--0016e6da98a9f61723048914dc94-- Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites ("Mr. Robert Minor Jr." 2010)
  2. Re: [WebDNA] Putting '&search' into URL killing all search (Alex McCombie 2010)
  3. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Govinda 2010)
  4. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  5. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  6. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Govinda 2010)
  7. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (christophe.billiottet@webdna.us 2010)
  8. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  9. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (christophe.billiottet@webdna.us 2010)
  10. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Marc Thompson 2010)
  11. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Govinda 2010)
  12. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (christophe.billiottet@webdna.us 2010)
  13. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  14. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Brian Fries 2010)
  15. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Govinda 2010)
  16. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Kenneth Grome 2010)
  17. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Govinda 2010)
  18. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  19. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  20. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  21. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites ("Mr. Robert Minor Jr." 2010)
  22. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  23. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  24. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Brian Fries 2010)
  25. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  26. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Kenneth Grome 2010)
  27. RE: [WebDNA] Putting '&search' into URL killing all search contexts on my sites ("Olin Lagon" 2010)
  28. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (christophe.billiottet@webdna.us 2010)
  29. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Stuart Tremain 2010)
  30. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  31. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Stuart Tremain 2010)
  32. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  33. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (christophe.billiottet@webdna.us 2010)
  34. [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Tom Duke 2010)
--0016e6da98a9f61723048914dc94 Content-Type: text/plain; charset=UTF-8 Brian, Hi - finally got your code to work once I put the exclamation mark item right at the top of the pre-parse script, i.e. before any comment tags. Thanks for this fix. Take care - Tom On Tue, Jun 15, 2010 at 5:38 PM, Brian Fries wrote: > Nice, Olin. Got me thinking, and I extended the concept thusly, checking > for several bad formvariables that may compromise your site's security: > > [formvariables name=search][redirect /][/formvariables] > [formvariables name=!][redirect /][/formvariables] > [formvariables name=text][redirect /][/formvariables] > [formvariables name=math][redirect /][/formvariables] > [formvariables name=encrypt][redirect /][/formvariables] > [formvariables name=decrypt][redirect /][/formvariables] > > > Brian Fries > BrainScan Software > > --0016e6da98a9f61723048914dc94 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Brian,

Hi - finally got your code to work once I put the= exclamation mark item right at the top of the pre-parse script, i.e. befor= e any comment tags.

Thanks for this fix.

Take care
- Tom



<= div class=3D"gmail_quote">On Tue, Jun 15, 2010 at 5:38 PM, Brian Fries <dna@brainscansoftware.com> wrote:
Nice, Olin. Got me thinking, and I extended = the concept thusly, checking for several bad formvariables that may comprom= ise your site's security:

[formvariables name=3Dsearch][redirect /][/formvariables]
[formvariables name=3D!][redirect /][/formvariables]
[formvariables name=3Dtext][redirect /][/formvariables]
[formvariables name=3Dmath][redirect /][/formvariables]
[formvariables name=3Dencrypt][redirect /][/formvariables]
[formvariables name=3Ddecrypt][redirect /][/formvariables]


Brian Fries
BrainScan Software

--0016e6da98a9f61723048914dc94-- Tom Duke

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Nesting format tags (1997) WebCat2: Master Counter snippet (1997) Up and running ... at last !! (1997) Before I Can Begin . . . (1998) Install Webcatalog under NT4.0 and Microsoft IIS 2.0 (1997) WebCatalog stalls (1998) Re[2]: Searchable archives gone again??? (2000) Banner DNA (1997) Snake Bites (1997) Overiding the sku (2001) Country & Ship-to address & other fields ? (1997) WebCat2 - Getting to the browser's username/password data (1997) WebCatalog Hosting (1996) request for comment tag (1998) carriage returns in data (1997) [WebDNA] File Upload Issue (2012) Include files (1998) [TaxableTotal] - not working with AOL and IE (1997) Strange intermittent WebDNA problems (2008) [WebDNA] Apply discount using a line item (2011)