Re: URI Hiding

Sun, 24 Jun 2001 13:22:12 -0700 

There is a way, but not so elegant.

First, do not send get requests and use
post requests instead.

Learn more about RequestDispatcher and
the setAttrubute and getAttribute methods.

They might help.

M

-----Original Message-----
From: A mailing list for discussion about Sun Microsystem's Java Servlet
API Technology. [mailto:[EMAIL PROTECTED]]On Behalf Of
Stuart Hemmings
Sent: Thursday, June 21, 2001 7:53 PM
To: [EMAIL PROTECTED]
Subject: URI Hiding


Does anybody have practical experience, code examples or articles on how to
best avoid putting parameters within the URI of a servlet?

HTTP forms are one solution but ideally it would be nice to hide this type
of implementation avoiding malicious URL/URI calls. Session Management
techniques could be used in conjunction with any suggestions.

Don't want!     <servletName>?mode=I'mhackable&mode=soamI

Want!         <servletName>

     Stuart Hemmings
     Imagine Broadband Limited


e    [EMAIL PROTECTED]
w   www.imaginebroadband.com
This e-mail and any attachments are confidential and may also be privileged.
If you are not the intended recipient (or have received this e-mail in
error) please  notify the sender immediately and destroy this e-mail. Any
unauthorised copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

Reply via email to