Assume that *ANYTHING* coming from the browser (or something pretending
to be a browser) can be hacked...
/John
William M Conlon wrote:
Actually, you need to assume that all input can be hacked, at least
someone will try to put arbitrary data into your arguments, poster or
search/ hidden or visible.
And assume that cookies can be hacked.
On Sep 12, 2006, at 4:51 PM, quicknote wrote:
I have made a couple of assumptions that might or might not be correct?
A hacker would have a hard time getting access to a 'hidden post arg'
A hacker would have a hard time hacking into a report if the URL is
limited
to "xwww.root/contact.taf?"
Bill
William M. Conlon, P.E., Ph.D.
To the Point
345 California Avenue Suite 2
Palo Alto, CA 94306
vox: 650.327.2175 (direct)
fax: 650.329.8335
mobile: 650.906.9929
e-mail: mailto:[EMAIL PROTECTED]
web: http://www.tothept.com
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
--
John McGowan
[EMAIL PROTECTED]
P 847.608.6900 x 110
F 847.608.9501
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
