BACK STORY:
Our department director came up and asked me about potential security 
ramifications of the back button in the browser.  Someone had notified her that 
when they logged out of a moderately secure web application, they could hit the 
back button and see previously displayed data.  While they could not do any 
actions in the application since they were no longer logged into it, they 
could still see potentially sensitive data.  This quickly expanded into a 
general discussion of data security in browser based inter/intranet 
applications.  And I realized that I do not have much depth of knowledge of all 
the possible gotchas and/or how to possibly mitigate them.
 
QUESTION:
So can this august group provide me some vetted, primer type resources in 
either web, book and/or news group discussion thread form that could illuminate 
my ignorance on this topic?
 
Thank You
PS.  Wow, I have no idea where the language for that last sentence came from?  
I sounded a bit frumpy or pretentious for a code monkey programmer didn't I?
--------------
Ian Skinner
Web Programmer
BloodSource
www.BloodSource.org
Sacramento, CA

"C code. C code run. Run code run. Please!"
- Cynthia Dunning
 
