[WebDNA] path traversal

This WebDNA talk-list message is from

2020


It keeps the original formatting.
numero = 115082
interpreted = N
texte = 2711 A security friend told me about "path traversal=E2=80=9D=20 https://portswigger.net/web-security/file-path-traversal and told me that the idea that the =E2=80=9CShoppingCarts=E2=80=9D = folder is located usually under a website folder is not a good practice. How do i move the creation of files from the directory under the website = forlder to be under the Globals so it=E2=80=99ll be protected from such = kind of attack ? I made such directory elsewhere but didn=E2=80=99t know how to make = WebDNA use it ? I use CentOS 7 and=20 Yours, Yariv= --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list talk@webdna.us To unsubscribe, E-mail to: talk-leave@webdna.us archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting: support@webdna.us . Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] path traversal (Donovan Brooke 2020)
  2. Re: [WebDNA] path traversal (Office 2020)
  3. Re: [WebDNA] path traversal (Office 2020)
  4. Re: [WebDNA] path traversal (Stuart Tremain 2020)
  5. Re: [WebDNA] path traversal (Stuart Tremain 2020)
  6. Re: [WebDNA] path traversal (Donovan Brooke 2020)
  7. [WebDNA] path traversal (Yariv Nachshon 2020)
2711 A security friend told me about "path traversal=E2=80=9D=20 https://portswigger.net/web-security/file-path-traversal and told me that the idea that the =E2=80=9CShoppingCarts=E2=80=9D = folder is located usually under a website folder is not a good practice. How do i move the creation of files from the directory under the website = forlder to be under the Globals so it=E2=80=99ll be protected from such = kind of attack ? I made such directory elsewhere but didn=E2=80=99t know how to make = WebDNA use it ? I use CentOS 7 and=20 Yours, Yariv= --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list talk@webdna.us To unsubscribe, E-mail to: talk-leave@webdna.us archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting: support@webdna.us . Yariv Nachshon

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

U&P IIS concept (1998) Problem with summary on date / inconsequent webcat behaviour (1998) RFE: [include file=filename.inc&strip=t] (2002) Bad Cookie / Internet Option / Internet Explorer (2004) Newbie problem blah blah blah (1997) Two prices in shoppingcart? (1997) Incorrect Value Display (2000) Details of shipping - Totalqty calculations (1997) Couple of questions (1999) OT: Need some feedback, please. (2003) What is wrong here? (2000) [WebDNA] Bug reporting (2009) Displaying Location (1997) Variables from a long text string (2000) PHP vs WebCatalog (2000) Date Sorting (1997) createfolder not behaving as expected (1999) Sending Email (2004) Separate SSL Server (1997) Multi-processor Mac info ... (1997)