Mike Kienenberger wrote the following on 9/17/2004 7:13 PM:
On the other hand, if you're just saying that you can encode your reflection
dispatch name so that "/page&method=X" becomes "/a1b2c3d4e5.psc", you've
just made the security more obscure. If someone figures out your encoding,
they can s
Paul Speed wrote:
Michael McGrady wrote:
Mike Kienenberger wrote:
Rick Reumann <[EMAIL PROTECTED]> wrote:
Mike Kienenberger wrote the following on 9/17/2004 2:17 PM:
Any time you allow an end user an opportunity to specify a
parameter for
reflection, you're introducing security co
Michael McGrady wrote:
Mike Kienenberger wrote:
Rick Reumann <[EMAIL PROTECTED]> wrote:
Mike Kienenberger wrote the following on 9/17/2004 2:17 PM:
Any time you allow an end user an opportunity to specify a parameter
for
reflection, you're introducing security concerns.
However, a
Mike Kienenberger wrote:
Rick Reumann <[EMAIL PROTECTED]> wrote:
Mike Kienenberger wrote the following on 9/17/2004 2:17 PM:
Any time you allow an end user an opportunity to specify a parameter for
reflection, you're introducing security concerns.
However, a "secure" version coul
Rick Reumann <[EMAIL PROTECTED]> wrote:
> Mike Kienenberger wrote the following on 9/17/2004 2:17 PM:
> > Any time you allow an end user an opportunity to specify a parameter for
> > reflection, you're introducing security concerns.
> > However, a "secure" version could be created by only allowin
