Here's a tip for everyone, Although <@SEARCHARG> and <@POSTARG> could almost be considered obsolete when we have <@ARG>, there is a subtle importance to <@POSTARG>.
The web will probably never be 100% secure, but it is in your best interest to always pass Passwords and other sensitive information (i.e., CC numbers) as Post arguments (<FORM METHOD=POST>) because they are "more" secure in how the information is transported (HTTP) over the web than Search Arguments (<FORM METHOD=GET> or <A HREF=""></A>). When you do this, then "only" capture this sensitive information with <@POSTARG>. This provides an additional level to the security of your applications. It's a subtle level, but it could make an important difference and there is nothing wrong with having too much security. At the very least this prevents some hacker-wannbe from arbitrarily typing and testing name=value pairs of UserNames and Passwords in the URL address field of their browser, against your application. Hope this helps. Cheers..... Scott Cadillac, Witango.org - http://witango.org 403-281-6090 - [EMAIL PROTECTED] -- Information for the Witango Developer Community --------------------- XML-Extranet - http://xmlx.ca 403-281-6090 - [EMAIL PROTECTED] -- Well-formed Development (for hire) --------------------- -----Original Message----- From: "Robert Shubert" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Date: Thu, 6 Nov 2003 08:23:49 -0500 Subject: RE: Witango-Talk: Simple Form Question > Witango does allow for specific use of Query and Post arguments as well > with @SEARCHARG and @POSTARG, but these are less used since @ARG > examines both. > > -----Original Message----- > From: Niall Merrigan [mailto:[EMAIL PROTECTED] > Sent: Thursday, November 06, 2003 5:26 AM > To: [EMAIL PROTECTED] > Subject: RE: Witango-Talk: Simple Form Question > > It would be <@ARG id> > > Also the <@ARG> is equivelent to the Request() object in ASP. Rather > than splitting into Querystring and Post parts <@ARG> examines both. > > Best regards > > Niall > > > > -----Original Message----- > From: OSullivan. Jerry (IT Solutions) [mailto:[EMAIL PROTECTED] > Sent: 06 November 2003 10:20 > To: '[EMAIL PROTECTED]' > Subject: Witango-Talk: Simple Form Question > > > Can you tell me what the TANGO equivalent to the ASP code > Request.Form("id"), i.e. how do tango files (.taf) read form data that > is submitted to it > > Much Thanks, > Jerry > > > * ** *** ** * ** *** ** * ** *** ** * > This email and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they > are addressed. > Any views or opinions presented are solely those of the author, and do > not necessarily > represent those of ESB. > If you have received this email in error please notify the sender. > > Although ESB scans e-mail and attachments for viruses, it does not > guarantee > that either are virus-free and accepts no liability for any damage > sustained > as a result of viruses. > > * ** *** ** * ** *** ** * ** *** ** * > > _______________________________________________________________________ > _ > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > > ******************************************************************** > This message is intended only for the use of the person(s) ("the > intended > recipient(s)") to whom it is addressed. It may contain information > which > is > privileged and confidential within the meaning of applicable law. If > you > > are not the intended recipient, please contact the sender as soon as > possible. The views expressed in this communication may not necessarily > be the views held by LGCSB (Local Government Computer Services Board). > > Any attachments have been checked by a virus scanner and appear to be > clean. > Please ensure that you also scan all messages, as LGCSB does not accept > any liability for contamination or damage to your systems. > ******************************************************************** > > > _______________________________________________________________________ > _ > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > > _______________________________________________________________________ > _ > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
