Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!]

This WebDNA talk-list message is from

2011

It keeps the original formatting. numero = 107124
interpreted = N
texte = --Apple-Mail-3-704544720Content-Transfer-Encoding: quoted-printableContent-Type: text/plain;charset=us-ascii> Does anybody know how to stop this =(http://www.webdna.us/page.dna?numero=3D195&if=3D) from happening? It =looks like any DNA tag can easily be replaced through the URL. This =could potentially create security issues for us.umm.. yeah. that was what we were talking about in several posts in =this thread all morning, right?Did you try the code I posted? ..or the code Donovan posted?Set up a test page with an [if]...[/if] in it.. and then see if you can =break it with an URL param such as above.. and then see if you can patch =the security hole with code like one of us posted.Donovan, I am going to test something(s) and properly reply to you.. a =little later.-Govinda--Apple-Mail-3-704544720Content-Transfer-Encoding: quoted-printableContent-Type: text/html;charset=us-ascii

Does anybody =know how to stop this (http://www.w=ebdna.us/page.dna?numero=3D195&if=3D) from happening? It looks =like any DNA tag can easily be replaced through the URL. This could =potentially create security issues for =us.

umm.. yeah. that was what we were =talking about in several posts in this thread all morning, =right?

Did you try the code I posted? ..or the code Donovan =posted?

Set up a test page with an [if]...[/if] in it.. and =then see if you can break it with an URL param such as above.. and then =see if you can patch the security hole with code like one of us =posted.

Donovan, I am going to test =something(s) and properly reply to you.. a little =later.

-Govinda

=--Apple-Mail-3-704544720-- Associated Messages, from the most recent to the oldest:

Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Govinda 2011)
Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Govinda 2011)
Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Govinda 2011)
Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Govinda 2011)
Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Govinda 2011)
Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)

--Apple-Mail-3-704544720Content-Transfer-Encoding: quoted-printableContent-Type: text/plain;charset=us-ascii> Does anybody know how to stop this =(http://www.webdna.us/page.dna?numero=3D195&if=3D) from happening? It =looks like any DNA tag can easily be replaced through the URL. This =could potentially create security issues for us.umm.. yeah. that was what we were talking about in several posts in =this thread all morning, right?Did you try the code I posted? ..or the code Donovan posted?Set up a test page with an [if]...[/if] in it.. and then see if you can =break it with an URL param such as above.. and then see if you can patch =the security hole with code like one of us posted.Donovan, I am going to test something(s) and properly reply to you.. a =little later.-Govinda--Apple-Mail-3-704544720Content-Transfer-Encoding: quoted-printableContent-Type: text/html;charset=us-ascii

Does anybody =know how to stop this (http://www.w=ebdna.us/page.dna?numero=3D195&if=3D) from happening? It looks =like any DNA tag can easily be replaced through the URL. This could =potentially create security issues for =us.

umm.. yeah. that was what we were =talking about in several posts in this thread all morning, =right?

Did you try the code I posted? ..or the code Donovan =posted?

Set up a test page with an [if]...[/if] in it.. and =then see if you can break it with an URL param such as above.. and then =see if you can patch the security hole with code like one of us =posted.

Donovan, I am going to test =something(s) and properly reply to you.. a little =later.

-Govinda

=--Apple-Mail-3-704544720-- Govinda

DOWNLOAD WEBDNA NOW!

Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!]

2011

Top Articles:

Related Readings: