On Tue, Sep 10, 2002 at 09:07:59PM -0400, George Gunderson wrote: > > On Tuesday, Sep 10, 2002, at 18:45 US/Eastern, Michael Fowler wrote: > >What is the purpose of trying to "hide" the URL from a user? However you > >obscure the URL the user must still be able to access the CGI script.
> For me, its h4x0r paranoia. The more a script looks like a static html > file, the better, IMHO. Not that it will stop or even slow down an > attacker, I do it anyway whenever possible. I don't understand this logic. You know it won't help protect you against an attacker, but you do it anyway. Surely you must think it protects you from something to continue doing it. > For Jose, it may be something as simple as him not wanting his users to > have to type so much. This makes a little more sense to me, though I'm hard-pressed to think of a site where knowing the URL to a CGI script proved useful.. I guess to each his own. Michael -- Administrator www.shoebox.net Programmer, System Administrator www.gallanttech.com -- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
