I guess the server will have to actually verify that the parameter are valid. Firebug is not unique in edits, just accessible to more users. Pretty much anything you send out of server is not in your control any longer, so anything that comes back may be what you expect or maybe 'enhanced' by users in unexpected ways.
jjb On Mar 2, 2:56 pm, Pom <[email protected]> wrote: > I have just found that it is possible to modify java applet parameters > thanks to the modify function of firebug. > In this way anybody can change webmaster's default values and use the > java applet in a unwanted ways. > In this way the tool becomes useful for "hackers". Further more from > version 1.2 seems not possible to detect it anymore since console > could be disabled. > > So, which could be the solution to protect java applet parameters from > edit and live resubmit? > > Thank you --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Firebug" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/firebug?hl=en -~----------~----~----~----~------~----~------~--~---
