Re: Google Web Accelerator
This WebDNA talk-list message is from 2005
It keeps the original formatting.
numero = 62010
interpreted = N
texte = If one of your customers is using it, and they log into your an adminsection, it will start going through all the links including anydelete function you might have made for them. It won't even see anysafe guards that have been put in place like a pop up that says "areyou sure you want to delete this record", etc. It will just startdeleting. =20 Sal D'Anna=20>=20>=20> On 5/12/05, Donovan Brooke
wrote:> > sal danna wrote:> > > [snip]They can't get to password protected areas, they don't cache> > > https links, they don't cache news or large files. If you have the> > > ability to "delete" or "cancel" something sensitive without all of th=ose=20> > > protections you are just asking for it to be deleted or canceled.[/sn=ip]> > >> > > Doesn't matter if it's password protected or not because Google Web> > > Accelerator is software you install in your browser so it's seeing=20> > > whatever you are seeing (even if it's password protected). This is> > > what the first link says you should do to protect your site:> > >> > > "If you have a web app, it might be worth returning a 403 when the=20> > > HTTP_X_MOZ is set to "prefetch" header is sent. This will keep Web> > > Accelerator from clicking destructive links."> > >> > > Sal D'Anna> >=20> > I guess I don't get your point Sal, if its installed on someoneelses=20> > browser that doesn't have access to my sensitive content, how is that> > a problem?> >=20> > Donovan> >=20> > --> > =3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do==3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do> > DONOVAN D. BROOKE Eucalyptus Design> > <-Web Development (specializing in eCommerce), ->> > <- Graphic Design, Custom Tags and Labels ->> >=20> > ADDRESS:> Donovan Brooke> > DBA Eucalyptus Design> > N2862 Summerville Park Rd.> > Lodi, WI 53555> > PH:> 1.608.592.3567> > Web:> http://www.euca.us> > =3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do==3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do> >=20> > -------------------------------------------------------------> > This message is sent to you because you are subscribed to=20> > the mailing list .> > To unsubscribe, E-mail to: > > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/> >=20>=20>-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
If one of your customers is using it, and they log into your an adminsection, it will start going through all the links including anydelete function you might have made for them. It won't even see anysafe guards that have been put in place like a pop up that says "areyou sure you want to delete this record", etc. It will just startdeleting. =20 Sal D'Anna=20>=20>=20> On 5/12/05, Donovan Brooke wrote:> > sal danna wrote:> > > [snip]They can't get to password protected areas, they don't cache> > > https links, they don't cache news or large files. If you have the> > > ability to "delete" or "cancel" something sensitive without all of th=ose=20> > > protections you are just asking for it to be deleted or canceled.[/sn=ip]> > >> > > Doesn't matter if it's password protected or not because Google Web> > > Accelerator is software you install in your browser so it's seeing=20> > > whatever you are seeing (even if it's password protected). This is> > > what the first link says you should do to protect your site:> > >> > > "If you have a web app, it might be worth returning a 403 when the=20> > > HTTP_X_MOZ is set to "prefetch" header is sent. This will keep Web> > > Accelerator from clicking destructive links."> > >> > > Sal D'Anna> >=20> > I guess I don't get your point Sal, if its installed on someoneelses=20> > browser that doesn't have access to my sensitive content, how is that> > a problem?> >=20> > Donovan> >=20> > --> > =3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do==3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do> > DONOVAN D. BROOKE Eucalyptus Design> > <-Web Development (specializing in eCommerce), ->> > <- Graphic Design, Custom Tags and Labels ->> >=20> > ADDRESS:> Donovan Brooke> > DBA Eucalyptus Design> > N2862 Summerville Park Rd.> > Lodi, WI 53555> > PH:> 1.608.592.3567> > Web:> http://www.euca.us> > =3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do==3Do=3Do=3Do=3Do=3Do=3Do=3Do=3Do> >=20> > -------------------------------------------------------------> > This message is sent to you because you are subscribed to=20> > the mailing list .> > To unsubscribe, E-mail to: > > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/> >=20>=20>-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
sal danna
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
b12 cannot limit records returned and more. (1997)
Photo Album (2000)
japanese characters (1997)
Progress !! WAS: Trouble with formula.db (1997)
Securing/hiding database file (2000)
[SearchString] problem with [search] context (1997)
Lookup Notfound (1998)
Follow-Up to: Removing [showif] makes a big difference in speed (1997)
Clear command and ShoppingCart.tmpl (1997)
Wrapping text (1998)
X etc.... (1999)
Can you do this??? and other stuff (1997)
RAM issue (2006)
.html with IIS4 (1999)
OS X, Running WebDNA in different directory (2005)
Running 2 two WebCatalog.acgi's (1996)
PCS Frames (1997)
Price problem (1997)
More on screen refresh causing duplicate order entries (1998)
Search results templates (1996)