On Mon, Sep 02, 2002 at 07:28:32PM +0200, Oskar Sandberg wrote: > The fact remains that any link from outside freenet can already do this. > If it is really a problem then we ought to get rid of the htl argument in > the URL altogether, and make it configuration setting.
Another solution would be to have fproxy generate a random per-session key which must be specified whenever a "protected" argument (such as HTL) is used. Ian. -- Ian Clarke ian at freenetproject.org Founder & Coordinator, The Freenet Project http://freenetproject.org/ Chief Technology Officer, Uprizer Inc. http://www.uprizer.com/ Personal Homepage http://locut.us/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20020902/68294a90/attachment.pgp>