Re: [WebDNA] Putting '&search' into URL killing all search contexts

This WebDNA talk-list message is from

2010


It keeps the original formatting.
numero = 105357
interpreted = N
texte = I did a search on the website for fastCGI, but it returned: Sorry, search for "fastCGI" returned no result Where can I find information about the fastCGI version? Marc On 6/15/2010 3:41 PM, christophe.billiottet@webdna.us wrote: > This is true: this bug has been there for a very long time. There is no easy fix as long as URL commands are active, because if we fix it, then URL commands do not work anymore: we spent a large number of hours on this. The bug has been fixed in the fastCGI version and the URL commands have been removed. The fastCGI version is free to everyone. > > May i add we did not charge for 6.0 to 6.2 upgrades, meaning we globally worked for the community, with scarce return. We now have to make difficult decisions about were we spend our remaining resources, and the fastCGI version is our choice. > > - chris > ============================ > WebDNA Software Corporation > 16192 Coastal Highway > Lewes, DE 19958 > > > > > > On Jun 15, 2010, at 17:53, Brian Fries wrote: > >> Before anyone panics (too late?) this has been a "feature" of WebCatalog / WebDNA since the 90's. Your servers are in no more danger today than they were yesterday, aside from anybody trolling the list and learning about the hackability. >> >> That said, yes, indeed, this is a major security hole that should be patched ASAP. >> >> Brian Fries >> BrainScan Software >> >> >> On Jun 15, 2010, at 1:44 PM, Govinda wrote: >> >>>> Wow, this is a bit more serious than I had first imagined. Maybe WSC can take a break from their other work ... and create a patched version for 6.x users? >>>> >>>> Just a thought. >>>> >>>> Sincerely, >>>> Kenneth Grome >>> >>> >>> WSC, please!! >>> >>> -- >>> Govinda >>> govinda.webdnatalk@gmail.com >>> >> > > > > > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list. > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > old archives: http://dev.webdna.us/TalkListArchive/ > Bug Reporting: http://forum.webdna.us/eucabb.html?page=pics&category(8 > . > -- ------------------------------------------- Marc Thompson Software Engineer Media Solutions University Information Technology University of Utah 801.585.9264 marc.thompson@utah.edu ------------------------------------------- Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites ("Mr. Robert Minor Jr." 2010)
  2. Re: [WebDNA] Putting '&search' into URL killing all search (Alex McCombie 2010)
  3. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Govinda 2010)
  4. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  5. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  6. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Govinda 2010)
  7. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (christophe.billiottet@webdna.us 2010)
  8. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  9. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (christophe.billiottet@webdna.us 2010)
  10. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Marc Thompson 2010)
  11. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Govinda 2010)
  12. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (christophe.billiottet@webdna.us 2010)
  13. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  14. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Brian Fries 2010)
  15. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Govinda 2010)
  16. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Kenneth Grome 2010)
  17. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Govinda 2010)
  18. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  19. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  20. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  21. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites ("Mr. Robert Minor Jr." 2010)
  22. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  23. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  24. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Brian Fries 2010)
  25. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  26. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Kenneth Grome 2010)
  27. RE: [WebDNA] Putting '&search' into URL killing all search contexts on my sites ("Olin Lagon" 2010)
  28. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (christophe.billiottet@webdna.us 2010)
  29. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Stuart Tremain 2010)
  30. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Donovan Brooke 2010)
  31. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Stuart Tremain 2010)
  32. Re: [WebDNA] Putting '&search' into URL killing all search contexts (Tom Duke 2010)
  33. Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites (christophe.billiottet@webdna.us 2010)
  34. [WebDNA] Putting '&search' into URL killing all search contexts on my sites (Tom Duke 2010)
I did a search on the website for fastCGI, but it returned: Sorry, search for "fastCGI" returned no result Where can I find information about the fastCGI version? Marc On 6/15/2010 3:41 PM, christophe.billiottet@webdna.us wrote: > This is true: this bug has been there for a very long time. There is no easy fix as long as URL commands are active, because if we fix it, then URL commands do not work anymore: we spent a large number of hours on this. The bug has been fixed in the fastCGI version and the URL commands have been removed. The fastCGI version is free to everyone. > > May i add we did not charge for 6.0 to 6.2 upgrades, meaning we globally worked for the community, with scarce return. We now have to make difficult decisions about were we spend our remaining resources, and the fastCGI version is our choice. > > - chris > ============================ > WebDNA Software Corporation > 16192 Coastal Highway > Lewes, DE 19958 > > > > > > On Jun 15, 2010, at 17:53, Brian Fries wrote: > >> Before anyone panics (too late?) this has been a "feature" of WebCatalog / WebDNA since the 90's. Your servers are in no more danger today than they were yesterday, aside from anybody trolling the list and learning about the hackability. >> >> That said, yes, indeed, this is a major security hole that should be patched ASAP. >> >> Brian Fries >> BrainScan Software >> >> >> On Jun 15, 2010, at 1:44 PM, Govinda wrote: >> >>>> Wow, this is a bit more serious than I had first imagined. Maybe WSC can take a break from their other work ... and create a patched version for 6.x users? >>>> >>>> Just a thought. >>>> >>>> Sincerely, >>>> Kenneth Grome >>> >>> >>> WSC, please!! >>> >>> -- >>> Govinda >>> govinda.webdnatalk@gmail.com >>> >> > > > > > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list. > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > old archives: http://dev.webdna.us/TalkListArchive/ > Bug Reporting: http://forum.webdna.us/eucabb.html?page=pics&category(8 > . > -- ------------------------------------------- Marc Thompson Software Engineer Media Solutions University Information Technology University of Utah 801.585.9264 marc.thompson@utah.edu ------------------------------------------- Marc Thompson

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

emails sent via WebDNA 6.0a disappearing into thin air (2005) [TCPConnect] Errors (2003) [SMSI]Price and Formula.db (2002) Include remote? (1998) WebCat2b14MacPlugIn - [include] doesn't hide the search string (1997) TCP Connect (1999) webdelivery not working (1998) WebCatalog for Postcards ? (1997) multiple price line in formula.db (2004) Flash loadVariables (2003) New Command prefs ... (1997) Date Calulation (1997) Problem with updating 2.1b7 -> 2.1.1 (1998) MacWEEK article help needed (1996) New Plug-in and Type 11 errors (1997) RAM variables (1997) Where is f2? (1997) Need help with text area (1998) Math with Time (1997) webcat- multiple selection in input field (1997)