With this in mind, Is there any sign of any sqwebmail templates appearing yet ?
Matt. -----Original Message----- From: Brian Candler [mailto:[EMAIL PROTECTED] Sent: 30 September 2003 15:03 To: Paul L. Allen Cc: [EMAIL PROTECTED] Subject: Re: [sqwebmail] Re: customizing sqwebmail, nwe look On Tue, Sep 30, 2003 at 01:24:02PM +0000, Paul L. Allen wrote: > > In the sqwebmail source you will find a file called SECURITY (or > > SECURITY.html if you prefer that). I suggest you read one or other of > > them. > > Matti has since contacted me directly to explain that Riwos does use > frames to maintain security but does not use ADDITIONAL frames for > any purpose. Therefore Riwos is not a security risk in that way. I'm not convinced. If you go to his test page, http://riikari.net/cgi-bin/test.cgi you get a button which opens in a new window: https://karhula.taivassalo.fi/cgi-bin/[EMAIL PROTECTED]&passwor d=demo Now, the test page uses Javascript to open this URL in a window with no toolbar, and so you can't see each page's URL. But if you paste the above URL directly into your browser, then you'll find that it is not inside a frame, and that each sub-page accessed does appear in your browser history. So, it does *not* appear to use frames to maintain security. It does try to use a different method (but one which would probably be bypassed if you went directly to the webmail URL) Brian.
