[cross-posts removed] On Thursday, July 10, 2003, at 02:29 PM, ryan whippo wrote:
I have an application that passes params around in the url. We need tohide these for security reasons. We also don't want to have to change alot of code. Any ideas? Thanks, Ryan
Ryan; I imagine you're talking passwords? Could you be a bit more specific about the behavior you're looking for?What would also be helpful is some information about what sort of environment you're running in (modules, etc.).
What level are you talking about? Are you talking about a form CGI that dumps to a DB? Or are you talking about a secure transaction server, (i.e., banking).
And, is this something you need to fix a gaping hole "yesterday" or is this something you know you should do?
Finally, this might just be a personal observation, but I'd limit future requests to one list, or post separate queries to each list. It is somewhat doubtful responses to other lists are going to go through unless the person responding subscribes to that list as well.
Regards,
Nathan
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/suppressed/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: suppressed
For additional commands, e-mail: suppressed
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.