On Monday 02 September 2002 15:10, you wrote: > > On Mon, Sep 02, 2002 at 07:28:32PM +0200, Oskar Sandberg wrote: > > The fact remains that any link from outside freenet can already do this. > > If it is really a problem then we ought to get rid of the htl argument in > > the URL altogether, and make it configuration setting. > > Another solution would be to have fproxy generate a random per-session > key which must be specified whenever a "protected" argument (such as > HTL) is used. Sounds fine to me.
I can't think of any arguments that wouldn't fall into the class of protected though. --gj _______________________________________________ devl mailing list devl at freenetproject.org http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/devl