Posted by Thomas 'PointedEars' Lahn on April 14, 2008, 8:47 am
Ben Bacarisse wrote:
>> Ben Bacarisse wrote:
>>>> Ben Bacarisse wrote:
>>> <snip>
>>>>> If cookies are not acceptable, you can do this with form data.
>>>> Cookies are as susceptible to a forging attack as is form data.
>>>> http://getfirebug.com/ and see how easy it actually is.
>>> Of course. I never suggested otherwise.
>> IBTD. Did you or did you not suggest that storing cookies or form data
>> would be a way to "'force' [a] user to use [a] [Web] site in [a]
>> defined order"?
>
> What has that got to do with it? I did not suggest that cookies were
> any less susceptible to being "forged" and you seemed to think I had.
No, I said that one approach (that you dismissed) is as susceptible to a
forging attack as the other one (that you mentioned as a proper
replacement). That is quite a different thing.
>> F'up2 comp.infosystems.www.authoring.misc
>
> The usual practice is to set a followup-to header in order to limit
> the discussion to more suitable groups. You seem to have just added
> comp.infosystems.www.authoring.misc. Why do you think more people
> want to see this?
Temporary malfunction on layer 8 in interaction with layer 7.
Interestingly, you forgot to set the Followup-To header as well, so I guess
we are even now :)
F'up2 ciwam
PointedEars
--
var bugRiddenCrashPronePieceOfJunk = (
navigator.userAgent.indexOf('MSIE 5') != -1
&& navigator.userAgent.indexOf('Mac') != -1
) // Plone, register_function.js:16