Re: [WebDNA] Putting '&search' into URL killing all search contexts on my sites
This WebDNA talk-list message is from 2010
It keeps the original formatting.
numero = 105326
interpreted = N
texte = Note this bug exists for years. It took 6 years to find it :-)- chrisOn Jun 14, 2010, at 20:59, Stuart Tremain wrote:> Oh thanks .... NOT :(>=20>=20> Regards>=20> Stuart Tremain> IDFK Web Developments> AUSTRALIA> webdna@idfk.com.au>=20>=20>=20>=20> On 15/06/2010, at 9:55 AM, Donovan Brooke wrote:>=20>> Stuart Tremain wrote:>>> I can't replicate that on my sites served from IIS.>>> Regards>>> Stuart Tremain>>> IDFK Web Developments>>> AUSTRALIA>>> webdna@idfk.com.au
>>=20>>=20>> http://www.idfk.com.au/ourwork.html?search=3D>>=20>> It's a bug we should not talk much about publicly.>> The scope of the compromise is definitely limited and depends on>> how one codes their site.. but, as developers, we don't want to =spread>> the awareness if we can help it.>>=20>> I would guess that for most of you and the way you code, your =sensitive>> content is safe. If you are really concerned/paranoid, I can offer to =run some quick tests (when time permits) on a few key templates to let =you know if I can see any concerns. I don't work for WSC anymore, but>> this was a bug I put on the list quite some time ago.>>=20>> I suggest this be the last public post about this for the good>> of all of us.>>=20>> Donovan>>=20>>=20>> --=20>> Donovan Brooke>> Euca Design Center>> [Practical-Ethical-Efficient]>> www.euca.us>> egg.bz>> artglass-forum.com>> --------------------------------------------------------->> This message is sent to you because you are subscribed to>> the mailing list .>> To unsubscribe, E-mail to: >> archives: http://mail.webdna.us/list/talk@webdna.us>> old archives: http://dev.webdna.us/TalkListArchive/>> Bug Reporting: =http://forum.webdna.us/eucabb.html?page=3Dtopics&category=3D288>=20> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> old archives: http://dev.webdna.us/TalkListArchive/> Bug Reporting: =http://forum.webdna.us/eucabb.html?page=3Dtopics&category(8
Associated Messages, from the most recent to the oldest:
Note this bug exists for years. It took 6 years to find it :-)- chrisOn Jun 14, 2010, at 20:59, Stuart Tremain wrote:> Oh thanks .... NOT :(>=20>=20> Regards>=20> Stuart Tremain> IDFK Web Developments> AUSTRALIA> webdna@idfk.com.au>=20>=20>=20>=20> On 15/06/2010, at 9:55 AM, Donovan Brooke wrote:>=20>> Stuart Tremain wrote:>>> I can't replicate that on my sites served from IIS.>>> Regards>>> Stuart Tremain>>> IDFK Web Developments>>> AUSTRALIA>>> webdna@idfk.com.au >>=20>>=20>> http://www.idfk.com.au/ourwork.html?search=3D>>=20>> It's a bug we should not talk much about publicly.>> The scope of the compromise is definitely limited and depends on>> how one codes their site.. but, as developers, we don't want to =spread>> the awareness if we can help it.>>=20>> I would guess that for most of you and the way you code, your =sensitive>> content is safe. If you are really concerned/paranoid, I can offer to =run some quick tests (when time permits) on a few key templates to let =you know if I can see any concerns. I don't work for WSC anymore, but>> this was a bug I put on the list quite some time ago.>>=20>> I suggest this be the last public post about this for the good>> of all of us.>>=20>> Donovan>>=20>>=20>> --=20>> Donovan Brooke>> Euca Design Center>> [Practical-Ethical-Efficient]>> www.euca.us>> egg.bz>> artglass-forum.com>> --------------------------------------------------------->> This message is sent to you because you are subscribed to>> the mailing list .>> To unsubscribe, E-mail to: >> archives: http://mail.webdna.us/list/talk@webdna.us>> old archives: http://dev.webdna.us/TalkListArchive/>> Bug Reporting: =http://forum.webdna.us/eucabb.html?page=3Dtopics&category=3D288>=20> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> old archives: http://dev.webdna.us/TalkListArchive/> Bug Reporting: =http://forum.webdna.us/eucabb.html?page=3Dtopics&category(8
christophe.billiottet@webdna.us
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Moment of Thanks (1997)
WebCatalog for Postcards ? (1997)
Multiple Merchant Accounts? (1997)
Interfacing WebMerchant to www.fedex.com (1997)
a * question (2003)
2nd WebCatalog2 Feature Request (1996)
Count regular expressions in a file (2007)
Why would prices no appear in cart (2000)
[ot] Raid Cards for RH ES (2004)
WebCat2b15MacPlugin - showing [math] (1997)
Robust WebDNA Job Manager / Accountant (2006)
help (2001)
Merchant account (1998)
No data - More Info (1997)
[CART] (1997)
Poll using WebCat (1998)
QuitFeedback & DBNotOpened errors (1997)
Unix line endings (2003)
Fun with Dates - revisited (1997)
[ShowIf] and empty fields (1997)