HTML/Middle-click/Security question...
Rick Delaney
rick-h4KjNK7Mzas at public.gmane.org
Sat Mar 10 13:25:38 UTC 2007
On Mar 09 2007, Madison Kelly wrote:
> Hi all,
>
> For security reasons, on a site I am writing I have made it so that
> you cannot pass variables in the URL (ie:
> http://domain.com/cgi-bin/script.cgi?foo=bar&baz=boo fails). I do this
> by only allowing variables to be passed via a form by checking that the
> script was called via a POST instead of a GET command before CGI
> variables are read.
Switching from GET to POST adds no extra security whatsoever. Now you
can forget about "middle-click" and go back to solving your real
problem.
HTH,
--
Rick Delaney
rick-h4KjNK7Mzas at public.gmane.org
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list