Re: Protecting webdelivery

This WebDNA talk-list message is from

1997


It keeps the original formatting.
numero = 11885
interpreted = N
texte = Reply To: RE>>Protecting webdeliveryGrant Hulbert said: > I assume the scenario you're trying to prevent is this: > > 1) A hacker discovers the cart id during the non-SSL session, by > using packet-sniffing software > 2) The hacker uses this [cart].html as a URL to get to the webdelivery > meant for someone else, by going to that URL during a 24-hour period > after they think the card was clearedThat's the concern - (un)founded or not. I'll give your tips a whirl and see what flies out. Hadn't thought of that on-the-fly lookup technique... much cleaner than my original idea, and quite a bit simpler too. THANKS MUCH!Dan Keldsen - djk@delphigroup.com Director, I.S. - webmaster@delphigroup.com Delphi Consulting Group, Inc. - http://www.delphigroup.com/ 100 City Hall Plaza - ph: 617-247-1511 Boston, MA 02108-2106 - fax:617-247-4957 Associated Messages, from the most recent to the oldest:

    
  1. Re: Protecting webdelivery (Dan Keldsen 1997)
  2. Re: Protecting webdelivery (Grant Hulbert 1997)
  3. Protecting webdelivery (Dan Keldsen 1997)
Reply To: RE>>Protecting webdeliveryGrant Hulbert said: > I assume the scenario you're trying to prevent is this: > > 1) A hacker discovers the cart id during the non-SSL session, by > using packet-sniffing software > 2) The hacker uses this [cart].html as a URL to get to the webdelivery > meant for someone else, by going to that URL during a 24-hour period > after they think the card was clearedThat's the concern - (un)founded or not. I'll give your tips a whirl and see what flies out. Hadn't thought of that on-the-fly lookup technique... much cleaner than my original idea, and quite a bit simpler too. THANKS MUCH!Dan Keldsen - djk@delphigroup.com Director, I.S. - webmaster@delphigroup.com Delphi Consulting Group, Inc. - http://www.delphigroup.com/ 100 City Hall Plaza - ph: 617-247-1511 Boston, MA 02108-2106 - fax:617-247-4957 Dan Keldsen

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Secure Server basic question... (1997) [convertchars] HELP!!! (1999) UPPERCASE (1997) UnitShipCost, Formulas.db and passwords (2003) RE: creating writefile data from a nested search (1997) Running webdna on centos 4.2? (2006) Press Release hit the NewsWire!!! (1997) problems with 2 tags shakur (1997) fresh eyes needed. Append won't work. (2000) Emailer (1997) Textarea Breaks (2000) taxRate and grandTotal calculation is not showing up on (2000) Anyone using [sendmail] for HTML encoded mail? (2000) Multiple Pulldowns (1997) WebCat on Apache Windows version (2000) Showif, Hideif reverse logic ? (1997) t or f (1997) QuitFeedback & DBNotOpened errors (1997) Help! WebCat2 bug (1997) Ampersand (1997)