eller
Authorized Pervasive, Cisco, HP, Thawte Reseller.
Roland Dumas wrote:
Re: Witango-Talk: Security question
I’m slow here. Does this mean that if there is a
SQL query in a DirectDBMS Action that it’s protected by this bind dust? Or
just New Record and Update Actions?
:
Re: Witango-Talk: Security question
I’m slow here. Does this mean that if there is
a SQL query in a DirectDBMS Action that it’s protected by this bind dust?
Or just New Record and Update Actions?
On 9/22/04 11:34 AM, "Sri Amudhanar" <[EMAIL PROTECTED]> wrote:
O
Title: Re: Witango-Talk: Security question
I’m slow here. Does this mean that if there is a SQL query in a DirectDBMS Action that it’s protected by this bind dust? Or just New Record and Update Actions?
On 9/22/04 11:34 AM, "Sri Amudhanar" <[EMAIL PROTECTED]> wrote:
One of t
Sorry, but you forgot the "
it should read... :-)
Should read:
B.) Holy s*"*t!: You're an idiot if you don't have a layer in front of a
new record or update that searches and kills anything that looks like
this.
I flunked proofreading
This option:
On 9/22/04 8:52 AM, "Roland Dumas" <[EMAI
t checking (B) to avoid completely this security issue.
Hope this helps.
Gauthier
- Original Message -
From: "Roland Dumas" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 22, 2004 5:52 PM
Subject: Re: Witango-Talk: Security question
I
al Message -
From: "Roland Dumas" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 22, 2004 5:52 PM
Subject: Re: Witango-Talk: Security question
>
> I want the SHORT answer, something like:
>
> A.) If you use witango, a browser-sumitted
I flunked proofreading
This option:
On 9/22/04 8:52 AM, "Roland Dumas" <[EMAIL PROTECTED]> wrote:
> B.) Holy s**t!: You're an idiot of you doing have a layer in front of a
> submit that searches and kills anything that looks like this.
Should read:
> B.) Holy s**t!: You're an idiot if you do
> unlikely event that the script is intact.
>>
>> I have had this attempt happen to me, but the hacker didn't realize
>> that the
>> form didn't save to the database but was just emailed to me. I have
>> view the
>> code in Outlook without any issue
ptember 21, 2004 8:15 PM
To: [EMAIL PROTECTED]
Subject: Witango-Talk: Security question
Have a client who is asking questions about security. Specifically, if
there
is a field that is entered via web form and then placed in a database,
is
there the possibility that evil scripts can be submitted th
x27;t realize that the
form didn't save to the database but was just emailed to me. I have view the
code in Outlook without any issues.
Ben Johansen
-Original Message-
From: Roland Dumas [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 21, 2004 8:15 PM
To: [EMAIL PROTECTED]
Subject: Wi
-Original Message-
From: Roland Dumas [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 21, 2004 9:15 PM
To: [EMAIL PROTECTED]
Subject: Witango-Talk: Security question
Have a client who is asking questions about security. Specifically, if there
is a field that is entered via web form and then pla
Have a client who is asking questions about security. Specifically, if there
is a field that is entered via web form and then placed in a database, is
there the possibility that evil scripts can be submitted that will do evil
things either to the database or to a user reading the content of that
co
12 matches
Mail list logo
