> The anatomy of the tool oversimplified is that it posts to a URL on a > website and sends along in the POST some javascript which pumps this > data to MySQL: >
If a tool sends POST data to an URL, the receiving script should validate all POST data before doing anything with it. Using a .htaccess rule is not a clean way to solve this, and I doubt it is secure. _______________________________________________ Cherokee mailing list [email protected] http://lists.octality.com/listinfo/cherokee
