Javier, On Tue, Nov 9, 2010 at 11:21 AM, Andres Riancho <andres.rian...@gmail.com> wrote: > > Taras, > > Do you remember why we added the "secret value" to the form.py [0]? > > """ > # This is used for processing checkboxes > self._secret_value = "3_!21#47w@" > ... > ... > if value not in self._selects[name]: > self._selects[name].append(value) > self._selects[name].append(self._secret_value) > """ > > [0] https://sourceforge.net/apps/trac/w3af/browser/trunk/core/data/dc/form.py
Before this new implementation of getVariants() we had something like this: """ 295 for variant in result: 296 tmp = copy.deepcopy(self) 297 for select_variant in variant: 298 if select_variant[1] != self._secret_value: 299 # FIXME: Needs to support repeated parameter names 300 tmp[select_variant[0]] = [select_variant[1], ] 301 else: 302 # FIXME: Is it good solution to simply delete unwant to 303 # send checkboxes? 304 del(tmp[select_variant[0]]) 305 variants.append(tmp) """ [0] https://sourceforge.net/apps/trac/w3af/browser/trunk/core/data/dc/form.py?rev=2779 I think that its safe to remove the secret value from the code now. What do you think? > > Regards, > -- > Andrés Riancho > Director of Web Security at Rapid7 LLC > Founder at Bonsai Information Security > Project Leader at w3af > -- Andrés Riancho Director of Web Security at Rapid7 LLC Founder at Bonsai Information Security Project Leader at w3af ------------------------------------------------------------------------------ The Next 800 Companies to Lead America's Growth: New Video Whitepaper David G. Thomson, author of the best-selling book "Blueprint to a Billion" shares his insights and actions to help propel your business during the next growth cycle. Listen Now! http://p.sf.net/sfu/SAP-dev2dev _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
