Re: Google Web Accelerator

This WebDNA talk-list message is from

2005


It keeps the original formatting.
numero = 62013
interpreted = N
texte = Also, what about the Clients who get their CMS system and Admin areas that have installed the WA. They login into this area and it starts running rampant. Ron ----- Original Message ----- From: "Dan Strong" To: "WebDNA Talk" Sent: Thursday, May 12, 2005 9:23 AM Subject: Re: Google Web Accelerator > Doesn't this kind of activity expose Google to serious liability, such as, > say, a whole bunch of web-developers who have had their sites damaged by > this 'feature', getting together and filing a class-action lawsuit? I know > that I give some users of my sites password-protected access to portions > of the back-end, but I don't recall ever giving Google that kind of > access... or does the 'ability' to prevent the 'feature' from accessing > our sites (via non-billable time that we have to waste), shield them from > liabilty? Any lawyers on the house? > -Dan > > > On Thu, 12 May 2005 08:33:27 -0700 > sal danna wrote: >> If one of your customers is using it, and they log into your an admin >> section, it will start going through all the links including any >> delete function you might have made for them. It won't even see any >> safe guards that have been put in place like a pop up that says "are >> you sure you want to delete this record", etc. It will just start >> deleting. >> Sal D'Anna >> >>> >>> >>> On 5/12/05, Donovan Brooke wrote: >>> > sal danna wrote: >>> > > [snip]They can't get to password protected areas, they don't cache >>> > > https links, they don't cache news or large files. If you have the >>> > > ability to "delete" or "cancel" something sensitive without all of >>> > > those protections you are just asking for it to be deleted or >>> > > canceled.[/snip] >>> > > >>> > > Doesn't matter if it's password protected or not because Google Web >>> > > Accelerator is software you install in your browser so it's seeing >>> > > whatever you are seeing (even if it's password protected). This is >>> > > what the first link says you should do to protect your site: >>> > > >>> > > "If you have a web app, it might be worth returning a 403 when the >>> > > HTTP_X_MOZ is set to "prefetch" header is sent. This will keep Web >>> > > Accelerator from clicking destructive links." >>> > > >>> > > Sal D'Anna >>> > >>> > I guess I don't get your point Sal, if its installed on someoneelses >>> > browser that doesn't have access to my sensitive content, how is that >>> > a problem? >>> > >>> > Donovan >>> > >>> > -- >>> > =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o >>> > DONOVAN D. BROOKE Eucalyptus Design >>> > <-Web Development (specializing in eCommerce), -> >>> > <- Graphic Design, Custom Tags and Labels -> >>> > >>> > ADDRESS:> Donovan Brooke >>> > DBA Eucalyptus Design >>> > N2862 Summerville Park Rd. >>> > Lodi, WI 53555 >>> > PH:> 1.608.592.3567 >>> > Web:> http://www.euca.us >>> > =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o >>> > >>> > ------------------------------------------------------------- >>> > This message is sent to you because you are subscribed to the mailing >>> > list . >>> > To unsubscribe, E-mail to: >>> > To switch to the DIGEST mode, E-mail to >>> > >>> > Web Archive of this list is at: http://webdna.smithmicro.com/ >>> > >>> >> >> ------------------------------------------------------------- >> This message is sent to you because you are subscribed to >> the mailing list . >> To unsubscribe, E-mail to: >> To switch to the DIGEST mode, E-mail to >> >> Web Archive of this list is at: http://webdna.smithmicro.com/ > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Google Web Accelerator ( rupert ravens 2005)
  2. Re: Google Web Accelerator ( devaulw@onebox.com 2005)
  3. Re: Google Web Accelerator ( Joe D'Andrea 2005)
  4. Re: Google Web Accelerator ( Terry Wilson 2005)
  5. Re: Google Web Accelerator ( "Dale's eLists" 2005)
  6. Re: Google Web Accelerator ( Terry Wilson 2005)
  7. Re: Google Web Accelerator ( "WebDna @ Inkblot Media" 2005)
  8. Re: Google Web Accelerator ( "Dan Strong" 2005)
  9. Re: Google Web Accelerator ( devaulw@onebox.com 2005)
  10. Re: Google Web Accelerator ( sal danna 2005)
  11. Re: Google Web Accelerator ( devaulw@onebox.com 2005)
  12. Re: Google Web Accelerator ( devaulw@onebox.com 2005)
  13. Re: Google Web Accelerator ( devaulw@onebox.com 2005)
  14. Re: Google Web Accelerator ( Jay Van Vark 2005)
  15. Re: Google Web Accelerator ( devaulw@onebox.com 2005)
  16. Re: Google Web Accelerator ( John Peacock 2005)
  17. Re: Google Web Accelerator ( sal danna 2005)
  18. Re: Google Web Accelerator ( Donovan Brooke 2005)
  19. Re: Google Web Accelerator ( William DeVaul 2005)
  20. Re: Google Web Accelerator ( sal danna 2005)
  21. Re: Google Web Accelerator ( Donovan Brooke 2005)
  22. Re: Google Web Accelerator ( devaulw@onebox.com 2005)
  23. Google Web Accelerator ( Terry Wilson 2005)
Also, what about the Clients who get their CMS system and Admin areas that have installed the WA. They login into this area and it starts running rampant. Ron ----- Original Message ----- From: "Dan Strong" To: "WebDNA Talk" Sent: Thursday, May 12, 2005 9:23 AM Subject: Re: Google Web Accelerator > Doesn't this kind of activity expose Google to serious liability, such as, > say, a whole bunch of web-developers who have had their sites damaged by > this 'feature', getting together and filing a class-action lawsuit? I know > that I give some users of my sites password-protected access to portions > of the back-end, but I don't recall ever giving Google that kind of > access... or does the 'ability' to prevent the 'feature' from accessing > our sites (via non-billable time that we have to waste), shield them from > liabilty? Any lawyers on the house? > -Dan > > > On Thu, 12 May 2005 08:33:27 -0700 > sal danna wrote: >> If one of your customers is using it, and they log into your an admin >> section, it will start going through all the links including any >> delete function you might have made for them. It won't even see any >> safe guards that have been put in place like a pop up that says "are >> you sure you want to delete this record", etc. It will just start >> deleting. >> Sal D'Anna >> >>> >>> >>> On 5/12/05, Donovan Brooke wrote: >>> > sal danna wrote: >>> > > [snip]They can't get to password protected areas, they don't cache >>> > > https links, they don't cache news or large files. If you have the >>> > > ability to "delete" or "cancel" something sensitive without all of >>> > > those protections you are just asking for it to be deleted or >>> > > canceled.[/snip] >>> > > >>> > > Doesn't matter if it's password protected or not because Google Web >>> > > Accelerator is software you install in your browser so it's seeing >>> > > whatever you are seeing (even if it's password protected). This is >>> > > what the first link says you should do to protect your site: >>> > > >>> > > "If you have a web app, it might be worth returning a 403 when the >>> > > HTTP_X_MOZ is set to "prefetch" header is sent. This will keep Web >>> > > Accelerator from clicking destructive links." >>> > > >>> > > Sal D'Anna >>> > >>> > I guess I don't get your point Sal, if its installed on someoneelses >>> > browser that doesn't have access to my sensitive content, how is that >>> > a problem? >>> > >>> > Donovan >>> > >>> > -- >>> > =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o >>> > DONOVAN D. BROOKE Eucalyptus Design >>> > <-Web Development (specializing in eCommerce), -> >>> > <- Graphic Design, Custom Tags and Labels -> >>> > >>> > ADDRESS:> Donovan Brooke >>> > DBA Eucalyptus Design >>> > N2862 Summerville Park Rd. >>> > Lodi, WI 53555 >>> > PH:> 1.608.592.3567 >>> > Web:> http://www.euca.us >>> > =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o >>> > >>> > ------------------------------------------------------------- >>> > This message is sent to you because you are subscribed to the mailing >>> > list . >>> > To unsubscribe, E-mail to: >>> > To switch to the DIGEST mode, E-mail to >>> > >>> > Web Archive of this list is at: http://webdna.smithmicro.com/ >>> > >>> >> >> ------------------------------------------------------------- >> This message is sent to you because you are subscribed to >> the mailing list . >> To unsubscribe, E-mail to: >> To switch to the DIGEST mode, E-mail to >> >> Web Archive of this list is at: http://webdna.smithmicro.com/ > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ "WebDna @ Inkblot Media"

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Nested tags count question (1997) WebDNA5 & Tiger (2006) Search wbrk (repost) (2001) [WebDNA] WebDNA installers (2015) really wierd browser truncating (1997) Searching multiple fields (1997) WebCatalog2 for NT Beta Request (1997) SETCOOKIE Tricks (2003) can WC render sites out? (1997) setting taxable to true (1997) WebCommerce: Folder organization ? (1997) WebCat2 - Getting to the browser's username/password data (1997) Custom WebCat Prefs ... (1997) Netscape 3.01 can't see db in form (was problems problemsproblems) (1997) [WebDNA] [hideif]'s not working in [sendmail] (2008) Date subtraction (2002) show all problem (1997) RE: Languages (1997) Plugin or CGI or both (1997) Active Server Code... (1998)