31-May-2003 10:59 Henry Nelson wrote: >> > But it isn't only cached to memory. SOURCE_CACHE can be set to "FILE". >> > If we are to cache secure documents, we should make sure that the file >> > is as secure as is reasonably possible. >> >> Yes. But while we are talking to https the secure content is _usually_ sent >> in a single direction, from client to server (POST data, with passwords >> etc.), so it will not be compromised by source_cache.
> I think what's been bothering me about source_cache and an https form > is not so much the data itself, but rather whether or not (I do not know; > that's why I'm asking.) the action of the form could become corrupted > somehow. In other words, could data supplied to the source_cached form > end up going to the wrong server or an unintended recipient or script? Source_cache just keep text/html reply from the server (without headers), nothing more. If someone have write access to your temp files, then source_cache:file may be corrupted. With source_cache:memory no corruption possible. > Or is a source_cached form in no (100%) way different from a direct- > rendered form that Lynx would have to refresh to change its rendering? > For example, say you fetched a form, then took one of the actions > discussed, like ', ", `, * or @, and then submitted your data using > the modified rendering of the form. Is it guaranteed that the data > will go to where it's supposed to and the intended action will be > taken on it? Is it guaranteed that the server's action will be > prepared to handle the data supplied to it? > __Henry > ; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to [EMAIL PROTECTED] ; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to [EMAIL PROTECTED]
