Re: CommandSecurity?

This WebDNA talk-list message is from

1997

It keeps the original formatting. numero = 12636
interpreted = N
texte = >>I removed Replace and Delete from the CommandsAllowed preference ... while>>leaving CommandSecurity=T.>>>>I did this in an effort to 'shut off' all commands performed by forms and>>URL's ... but it also seems to prevent context commands from working too. I>>had to make CommandSecurity=F to get replace and delete to work without>>adding them to the CommandsAllowed pref ... but setting CommandSecurity=F>>completely eliminates all command security, right?>>I see nothing in the code that would prevent embedded contexts such as>[Delete] or [Replace] from working regardless of what the CommandSecurity>setting is. CommandSecurity is only for $(command) remote URL-style>commands.>>Are you sure you've got the right passwords for those embedded contexts>you're using?There's no username or password fields in this database, there's only 3fields - newssku, newsdate and newstext.Aah ... but I have the page protected with my custom WebDNA ... so thebrowser already has username and password values cached before I try to usethis page. Could it be that when the browser already has a cached value forusername and password, the replace or delete won't work unless I either:1- create username and password fields in the database to compare thebrowser's values against, or ...2- put &username=[username]&password=[password] into the context?If that's all it is, this is a HUGE misunderstanding on my part!I thought I didn't have to put &username=[username]&password=[password]into replace or delete contexts or forms or urls unless there were fieldsin the database with exactly the same names.Was I wrong about this?Sincerely, Ken GromeWebDNA Solutionshttp://www.hui.net/dna/webdna.html Associated Messages, from the most recent to the oldest:

Re: CommandSecurity? (Grant Hulbert 1997)
Re: CommandSecurity? (Kenneth Grome 1997)
Re: CommandSecurity? (Kenneth Grome 1997)
Re: CommandSecurity? (Grant Hulbert 1997)
CommandSecurity? (Kenneth Grome 1997)
CommandSecurity? (Kenneth Grome 1997)

>>I removed Replace and Delete from the CommandsAllowed preference ... while>>leaving CommandSecurity=T.>>>>I did this in an effort to 'shut off' all commands performed by forms and>>URL's ... but it also seems to prevent context commands from working too. I>>had to make CommandSecurity=F to get replace and delete to work without>>adding them to the CommandsAllowed pref ... but setting CommandSecurity=F>>completely eliminates all command security, right?>>I see nothing in the code that would prevent embedded contexts such as>[delete] or [replace] from working regardless of what the CommandSecurity>setting is. CommandSecurity is only for $(command) remote URL-style>commands.>>Are you sure you've got the right passwords for those embedded contexts>you're using?There's no username or password fields in this database, there's only 3fields - newssku, newsdate and newstext.Aah ... but I have the page protected with my custom WebDNA ... so thebrowser already has username and password values cached before I try to usethis page. Could it be that when the browser already has a cached value forusername and password, the replace or delete won't work unless I either:1- create username and password fields in the database to compare thebrowser's values against, or ...2- put &username=[username]&password=[password] into the context?If that's all it is, this is a HUGE misunderstanding on my part!I thought I didn't have to put &username=[username]&password=[password]into replace or delete contexts or forms or urls unless there were fieldsin the database with exactly the same names.Was I wrong about this?Sincerely, Ken GromeWebDNA Solutionshttp://www.hui.net/dna/webdna.html Kenneth Grome

DOWNLOAD WEBDNA NOW!

Re: CommandSecurity?

1997

Top Articles:

Related Readings: