Re: [WebDNA] path traversal

This WebDNA talk-list message is from

2020


It keeps the original formatting.
numero = 115085
interpreted = N
texte = 2714 You can always use [orderfile file=3D^secretfolder/[cart]] Regards Stuart Tremain Pharoah Lane Software Suite 16, 20 Burlington Street Crows Nest NSW 2065 AUSTRALIA +612 8971 4431 > On 14 Apr 2020, at 5:56 pm, talk@webdna.us wrote: >=20 > =EF=BB=BFA security friend told me about "path traversal=E2=80=9D=20 > https://portswigger.net/web-security/file-path-traversal >=20 > and told me that the idea that the =E2=80=9CShoppingCarts=E2=80=9D folder i= s located usually under a website folder is not a good practice. > How do i move the creation of files from the directory under the website f= orlder to be under the Globals so it=E2=80=99ll be protected from such kind o= f attack ? >=20 > I made such directory elsewhere but didn=E2=80=99t know how to make WebDNA= use it ? >=20 > I use CentOS 7 and=20 >=20 > Yours, >=20 > Yariv--------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list talk@webdna.us > To unsubscribe, E-mail to: talk-leave@webdna.us > archives: http://www.webdna.us/page.dna?numero=3D55 > Bug Reporting: support@webdna.us --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list talk@webdna.us To unsubscribe, E-mail to: talk-leave@webdna.us archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting: support@webdna.us . Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] path traversal (Donovan Brooke 2020)
  2. Re: [WebDNA] path traversal (Office 2020)
  3. Re: [WebDNA] path traversal (Office 2020)
  4. Re: [WebDNA] path traversal (Stuart Tremain 2020)
  5. Re: [WebDNA] path traversal (Stuart Tremain 2020)
  6. Re: [WebDNA] path traversal (Donovan Brooke 2020)
  7. [WebDNA] path traversal (Yariv Nachshon 2020)
2714 You can always use [orderfile file=3D^secretfolder/[cart]] Regards Stuart Tremain Pharoah Lane Software Suite 16, 20 Burlington Street Crows Nest NSW 2065 AUSTRALIA +612 8971 4431 > On 14 Apr 2020, at 5:56 pm, talk@webdna.us wrote: >=20 > =EF=BB=BFA security friend told me about "path traversal=E2=80=9D=20 > https://portswigger.net/web-security/file-path-traversal >=20 > and told me that the idea that the =E2=80=9CShoppingCarts=E2=80=9D folder i= s located usually under a website folder is not a good practice. > How do i move the creation of files from the directory under the website f= orlder to be under the Globals so it=E2=80=99ll be protected from such kind o= f attack ? >=20 > I made such directory elsewhere but didn=E2=80=99t know how to make WebDNA= use it ? >=20 > I use CentOS 7 and=20 >=20 > Yours, >=20 > Yariv--------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list talk@webdna.us > To unsubscribe, E-mail to: talk-leave@webdna.us > archives: http://www.webdna.us/page.dna?numero=3D55 > Bug Reporting: support@webdna.us --------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list talk@webdna.us To unsubscribe, E-mail to: talk-leave@webdna.us archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting: support@webdna.us . Stuart Tremain

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Install Webcatalog under NT4.0 and Microsoft IIS 2.0 (1997) Links inside of Text Areas (2000) WebMerchant & CC Response (2002) RE:It just Does't add up!!! (1997) Template Encryption (1998) carriage returns in data (1997) Search/sort in URL Was: GuestBook example (1997) Template Encrypt Speed (1998) [lowercase] context? (1999) Installing WebDNA on Linux (2007) I need to get a [grep] (2003) Pixel Pipe & Auto Resizing of images (2002) Emailer setup (1997) Re2: Calculating multiple shipping... (1997) Another question (1997) problems with 2 tags shakur (1997) Multiple prices (1997) WebCat2b15MacPlugin - showing [math] (1997) Looking up two prices in database? (1997) Help with Repost Data msg from form (1997)