Philipp von Weitershausen wrote:
True, it's not the nicest solution. But you could make it safer by first
stripping the according request variable from the QUERY_STRING.
mod_rewrite is quite powerful in that respect.

Is it just me, or should a deep feeling of uneasiness accompany the extraction of authentication credentials from a query string? ;-)


Simplistix - Content Management, Zope & Python Consulting
Zope3-users mailing list

Reply via email to