Re: Protecting webdelivery

This WebDNA talk-list message is from

1997


It keeps the original formatting.
numero = 11885
interpreted = N
texte = Reply To: RE>>Protecting webdeliveryGrant Hulbert said: > I assume the scenario you're trying to prevent is this: > > 1) A hacker discovers the cart id during the non-SSL session, by > using packet-sniffing software > 2) The hacker uses this [cart].html as a URL to get to the webdelivery > meant for someone else, by going to that URL during a 24-hour period > after they think the card was clearedThat's the concern - (un)founded or not. I'll give your tips a whirl and see what flies out. Hadn't thought of that on-the-fly lookup technique... much cleaner than my original idea, and quite a bit simpler too. THANKS MUCH!Dan Keldsen - djk@delphigroup.com Director, I.S. - webmaster@delphigroup.com Delphi Consulting Group, Inc. - http://www.delphigroup.com/ 100 City Hall Plaza - ph: 617-247-1511 Boston, MA 02108-2106 - fax:617-247-4957 Associated Messages, from the most recent to the oldest:

    
  1. Re: Protecting webdelivery (Dan Keldsen 1997)
  2. Re: Protecting webdelivery (Grant Hulbert 1997)
  3. Protecting webdelivery (Dan Keldsen 1997)
Reply To: RE>>Protecting webdeliveryGrant Hulbert said: > I assume the scenario you're trying to prevent is this: > > 1) A hacker discovers the cart id during the non-SSL session, by > using packet-sniffing software > 2) The hacker uses this [cart].html as a URL to get to the webdelivery > meant for someone else, by going to that URL during a 24-hour period > after they think the card was clearedThat's the concern - (un)founded or not. I'll give your tips a whirl and see what flies out. Hadn't thought of that on-the-fly lookup technique... much cleaner than my original idea, and quite a bit simpler too. THANKS MUCH!Dan Keldsen - djk@delphigroup.com Director, I.S. - webmaster@delphigroup.com Delphi Consulting Group, Inc. - http://www.delphigroup.com/ 100 City Hall Plaza - ph: 617-247-1511 Boston, MA 02108-2106 - fax:617-247-4957 Dan Keldsen

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

synching databases on multiple servers (1997) WebCatb15 Mac CGI -- [purchase] (1997) [WebDNA] png support in webDNA (2011) Hyperboard users wanting a quoted message (1998) Stymied by [ShowNext] with drop down list on a form (1998) WebCat2 beta 11 - new prefs ... (1997) problems with WebCat-Plugin () Protect tag for large groups? (1999) Listserver problem (1997) Searching multiple fields from one form field (1997) [BULK] [WebDNA] Wishlist: ignore whitespace in database changes (2016) unsubscribe (2000) PCS Frames (1997) encryption seeds xing (1998) Major Security Hole (1998) WebCat2: multiple currency support (1997) Does ".tpl" index with SE's? (2003) [WebDNA] Dynamic vertical columns (2008) expired beta (1997) Storebuilder documentation (2004)