There are no locks which thieves couldn't unlock or break - nevertheless the
locks keep 99% of them not to try - that is why we lock our doors at home.
The same is here, I believe that at least some security will make more than
90% spam / scrap bots fail, while the other few percent does not
Jeremy,
There is a database with huge amount of data that could be collected by
someone else. If the url has a clear meaning, to say: /data/0, /data/1. They
can get all the data from there. I would like to have fixed and encripted
urls.
On Mon, May 10, 2010 at 4:17 PM, Jeremy Thomerson
I don't see anything weird in BookmarkablePageIncrementLink code, any help I
do appreciate
package com.misPartidos.web.widgets.seo.navigation;
import org.apache.wicket.Page;
import org.apache.wicket.PageParameters;
import org.apache.wicket.markup.html.link.BookmarkablePageLink;
import
Fernando,
It would be better to protect you application in an other way: e.g.
create the ids with random, fixed-length postfixes. My practice is to
create 4-length postfix with 0-9a-zA-Z random pattern. This is 62^4
possibility for each id in the sequence, e.g. 1aiP7, and 2pN63 is
valid, but
no, nothing seems weird indeed. i guess the next step is for you to
set a breakpoing in crypted encoding strategy and see why your url is
not being encrypted. if you still cant figure it out you are welcome
to create a quickstart.
-igor
On Tue, May 11, 2010 at 7:27 AM, Fernando Wermus
Yes, it is.
I will review my case.
I have the following urls:
valiousData/pagenumber/0, valiousData/pagenumber/1,
valiousData/pagenumber/2, valiousData/pagenumber/3
I want fixed urls or stable ones because I would like the searcher robots
could follow this links. But I don't want a programmer
you will have to tweak the default strategy for your usecase. by
default the strategy uses a secret stored in session to encrypt. if a
search bot does not support sessions it will not be able to follow
links from one page to the next.
-igor
On Tue, May 11, 2010 at 1:23 PM, Fernando Wermus
You're subscribing to a mythical line of reasoning. You're trying to
protect against page-scraping by using URL obfuscation to hide the meaning
of query string parameters. I have actually done (legitimate, legal,
purposefui) page scraping in the past for a couple of tasks - believe me -
you are
Hi all,
I create a PagingNavigator stateless. Instead of using a model to have
the number page shown, my StatelessPagingNavigator shows the number through
parameters. I hope that the page number wouldnt have been showed using
CryptedUrlWebRequestCodingStrategy, but It does. This is rather
afair crypted strategy only encodes non-bookmarkable urls. it does not
encode bookmarkable urls because those are meant as entrypoints into
your application.
-igor
On Mon, May 10, 2010 at 11:38 AM, Fernando Wermus
fernando.wer...@gmail.com wrote:
Hi all,
I create a PagingNavigator
Igor,
Wicket in Action explains
... Using this code, Wicket will encrypt all your URLs—including
bookmarkable URLs.
I need fixed entry point for my stateless page, but not readable for
humans, because some hacker would like to extract all the information from
the site.
How can I
What is a hacker going to get from a URL like /somepage?
--
Jeremy Thomerson
http://www.wickettraining.com
On Mon, May 10, 2010 at 2:06 PM, Fernando Wermus
fernando.wer...@gmail.comwrote:
Igor,
Wicket in Action explains
... Using this code, Wicket will encrypt all your URLs—including
indeed, looking at the code everything is encrypted, so the problem
must be in your BookmarkablePageIncrementLink. only urls that are
generated via the coding strategy are encrypted, if you concatenate
strings yourself they will not be encrypted obviously.
-igor
On Mon, May 10, 2010 at 12:06 PM,
13 matches
Mail list logo
