Re: Security Component is Ruining my Life

2014-10-28 Thread Dr. Tarique Sani
On Mon, Oct 27, 2014 at 10:38 PM, Florian Krämer bur...@doomzone.de wrote: I've turned the idea into an implementation. Proof of concept goes here: https://github.com/burzum/cakephp/commit/9d8f6b4cb7653dd14130af68dbc632e9055d8d76 Cool! I will try this out... Tarique -- Like Us on

Re: Security Component is Ruining my Life

2014-10-27 Thread Florian Krämer
19, 2014 12:26:44 AM UTC+2, glk wrote: Florian... What a wonderful idea. Just wish I understood all of Cake well enough to help implement. I've fought with the Security Component many times and, although I've never lost, it has created many headaches. Hope the Development team can add

Re: Security Component is Ruining my Life

2014-10-18 Thread glk
Florian... What a wonderful idea. Just wish I understood all of Cake well enough to help implement. I've fought with the Security Component many times and, although I've never lost, it has created many headaches. Hope the Development team can add this functionality during debugging

Re: Security Component is Ruining my Life

2014-09-12 Thread Will Barker
was generated in the past. -Mark On Monday, 8 September 2014 21:47:05 UTC-4, #2Will wrote: I've got an app i have been maintaining for a while now. The security component causes more headaches than anything else. In fact, because cakephp is so nice to work with, i think Security Component (SC

Re: Security Component is Ruining my Life

2014-09-12 Thread Florian Krämer
Mark wouldn't it be possible to keep track of these changes somehow via debug kit? Save the original keys to session and then do the same comparison with the data that the security component does but without the hashing but an array diff instead? On Friday, September 12, 2014 4:32:32 AM UTC+2

Re: Cake 3 Security Component black holes add with associations

2014-09-11 Thread heavyKevy
', ]); $this->belongsToMany('Users', [ 'foreignKey' => 'promotion_id', 'targetForeignKey' => 'user_id', 'joinTable' => 'promotions_users', ]); } Data saves fine if the security component is not loaded... black holes the request otherwise... Is this a bug or is this by design?

Re: Security Component is Ruining my Life

2014-09-11 Thread mark_story
for a while now. The security component causes more headaches than anything else. In fact, because cakephp is so nice to work with, i think Security Component (SC) causes all the headaches... I've read through the docs a fair bit, i have bits of code scattered around turning off the SC

Re: Security Component is Ruining my Life

2014-09-09 Thread José Lorenzo
have been maintaining for a while now. The security component causes more headaches than anything else. In fact, because cakephp is so nice to work with, i think Security Component (SC) causes all the headaches... I've read through the docs a fair bit, i have bits of code scattered around

Re: Security Component is Ruining my Life

2014-09-09 Thread #2Will
having it and then not using it. Once the site gets hacked, I'll have to stand at the front and tell all the others why I didn't use the security component. I do a lot of other stuff to white list fields etc to mitigate this (and the site gets penetration tested and hasn't been completely owned yet

Security Component is Ruining my Life

2014-09-08 Thread #2Will
I've got an app i have been maintaining for a while now. The security component causes more headaches than anything else. In fact, because cakephp is so nice to work with, i think Security Component (SC) causes all the headaches... I've read through the docs a fair bit, i have bits of code

Re: Cake 3 Security Component black holes add with associations

2014-09-04 Thread José Lorenzo
'); $this->displayField('name'); $this->primaryKey('id'); $this->belongsTo('Users', [ 'foreignKey' => 'user_id', ]); $this->belongsToMany('Users', [ 'foreignKey' => 'promotion_id', 'targetForeignKey' => 'user_id', 'joinTable' => 'promotions_users', ]); } Data saves fine if the security

Re: Cake 3 Security Component black holes add with associations

2014-09-04 Thread heavyKevy
' => 'promotions_users', ]); } Data saves fine if the security component is not loaded... black holes the request otherwise... Is this a bug or is this by design?

Cake 3 Security Component black holes add with associations

2014-09-03 Thread heavyKevy
('name'); $this->primaryKey('id'); $this->belongsTo('Users', [ 'foreignKey' => 'user_id', ]); $this->belongsToMany('Users', [ 'foreignKey' => 'promotion_id', 'targetForeignKey' => 'user_id', 'joinTable' => 'promotions_users', ]); } Data saves fine if the security component is not loaded... black holes

Re: Cake 3 Security Component black holes add with associations

2014-09-03 Thread José Lorenzo
', 'targetForeignKey' => 'user_id', 'joinTable' => 'promotions_users', ]); } Data saves fine if the security component is not loaded... black holes the request otherwise... Is this a bug or is this by design?

Re: Cake 3 Security Component black holes add with associations

2014-09-03 Thread Kevin Arnett
' => 'promotion_id', 'targetForeignKey' => 'user_id', 'joinTable' => 'promotions_users', ]); } Data saves fine if the security component is not loaded... black holes the request otherwise... Is this a bug or is this by design?

Re: Security component and SQL Injection

2014-06-13 Thread phpMagpie
@Jose: good to know ... logical cause of the dropped table was someone getting their hands on the database login credentials. @Dakota: thanks, will keep an eye out for that, not that it's a factor in this situation. On Friday, June 13, 2014 4:52:22 AM UTC+1, Dakota wrote: Just one thing to

Re: Security component and SQL Injection

2014-06-12 Thread José Lorenzo
No, the security component does not prevent you against that. There must be some place where you are passing raw input into a query. On Thursday, June 12, 2014 1:28:03 AM UTC+2, phpMagpie wrote: Hi, I've just launched a site for a client that had quite a big form in it that people were

Re: Security component and SQL Injection

2014-06-12 Thread phpMagpie
Injection. Thanks, Paul. On Thursday, 12 June 2014 11:36:00 UTC+1, José Lorenzo wrote: No, the security component does not prevent you against that. There must be some place where you are passing raw input into a query. On Thursday, June 12, 2014 1:28:03 AM UTC+2, phpMagpie wrote: Hi, I've

Re: Security component and SQL Injection

2014-06-12 Thread José Lorenzo
remove one table from one database. I don't like to jump to conclusions though, so just wanted to know if my configuration has somehow opened up the possibility of SQL Injection. Thanks, Paul. On Thursday, 12 June 2014 11:36:00 UTC+1, José Lorenzo wrote: No, the security component

Re: Security component and SQL Injection

2014-06-12 Thread Dakota
Just one thing to note is that the updateall method doesn't do all escaping.

Security component and SQL Injection

2014-06-11 Thread phpMagpie
Hi, I've just launched a site for a client that had quite a big form in it that people were spending a long time trying to complete. Because some people were walking away from the form then coming back later and trying to submit their security tokens were expiring so the client asked me to

Re: Security component and SQL Injection

2014-06-11 Thread Reuben
I thought it would more depend on how you are writing changes to the database. If you're going via the model, with ::create and ::save methods, then users shouldn't be able to inject a truncate or drop. I say shouldn't because that is my understanding of how it is supposed to work, but I've

Re: Security component and SQL Injection

2014-06-11 Thread phpMagpie
Yeah, everything is done via Model::save() and your understanding is the same as mine. If anyone does know otherwise would be good to know. Thanks, Paul. On Thursday, 12 June 2014 01:17:12 UTC+1, Reuben wrote: I thought it would more depend on how you are writing changes to the database.

Re: Security Component Question

2013-12-29 Thread Florian Krämer
Check the Code http://api.cakephp.org/2.4/source-class-SecurityComponent.html#322-338 Blackholing is nothing more than throwing a BadRequestException or triggering a callback. I would not use an exception in that place. On Friday, December 27, 2013 7:37:24 PM UTC+1, advantage+ wrote: Is

Security Component Help

2013-12-28 Thread Advantage+
I want to make action requests more secure by implementing the Restricting HTTP methods { requirePost(),requireGet(), requirePut(), requireDelete()} but running into a bit of an issue. For an add request for example via ajax I have to fetch the form (get) and load it into the colorbox, and save

Security Component Question

2013-12-27 Thread Advantage+
Is there a way to force call blackhole based on model validation rules? I have a validation method that I would like to call the blackhole if it fails. Thanks, Dave

edit form needs to be submitted two times while using security component

2013-04-29 Thread vinu
Hi Friends, Can anyone help me out with this , i have a edit form with security component , it needs to be submitted two times i have checked in console , in form security component hidden token METHOD IN by default PUT , when i click submit first time it changes to post ,then second time

Security Component can't be called in Controller

2013-02-05 Thread Irfan Ali
In any of the controller files if I call the Security component (not doing anything beyond that), certain pages of my website crash. Here's what I have currently for $components. The site works fine with this: var $components = array('Auth','Session','Email'); But when I add 'Security

Security component and data posted from external site

2012-12-07 Thread Jeremy Burns
I'm using 2.3 beta and the Security component. I have a site that is posting data to a controller action but the Security component blocks the request; so I don't get $this->request->data and the code fails. If I disable the Security component in beforeFilter for this action the data gets

Re: Security component and data posted from external site

2012-12-07 Thread Jeremy Burns | Class Outfit
My solution is to receive the post via one action then redirect to the log in action. Security::unlockedActions doesn't seem to work though (I must be doing it wrong?); I have to check for the initial action and disable the Security component. After the redirect the action is different, so

Re: Problems with ajax and security component.

2012-08-08 Thread MetZ
I am struggling with the exact same problem.. If anyone have a suggestion??? see: http://stackoverflow.com/questions/11869336/cakephp-2-1-making-a-jquery-ajax-call-with-security-component-activated -Tom kl. 21:41:18 UTC+1 torsdag 8. desember 2011 skrev porangi.chris følgende: Hi, I'm

Re: CakePHP shows a blank page on PHP errors when using Security component

2012-02-07 Thread senser
Nobody has an idea? -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to

CakePHP shows a blank page on PHP errors when using Security component

2012-02-04 Thread senser
when Security component is included in AppController.php. Here is sample code: /*file app/Controller/AppController.php*/ <?php class AppController extends Controller { public $helpers = array( 'Html', 'Js' => array('Jquery'), 'Form

Re: Security Component: blackhole with no, erm, whitehole?

2012-01-05 Thread DragonFlyEye
Thanks, Jeremy. I think I'm going to opt for roughly the same thing. Use my pushSSL() function - analogous to your __unforceSSL() - on all controllers that don't require SSL, then use the switching style for those that do require SSL. It just seems weird to me that they have a function in

Security Component: blackhole with no, erm, whitehole?

2012-01-04 Thread DragonFlyEye
Here's what I don't get about the Security Component: if there's an option to use the blackholeCallback for requireSecure, why is there no option to provide a callback for anything else? I'm using this system as outlined in the book to force SSL on certain actions. But I'd like to force people

Re: Security Component: blackhole with no, erm, whitehole?

2012-01-04 Thread DragonFlyEye
Can anyone help me out, here?

Re: Security Component: blackhole with no, erm, whitehole?

2012-01-04 Thread Jeremy Burns | Class Outfit
Here's how I did this on an app (this is 1.3 but I'd guess it'd be fairly easy to transpose to 2.0 if needed). In app_controller create a function: function __requireSecure() { ... conditions to check ... return true if SSL is needed ...

Re: Problems with ajax and security component.

2011-12-12 Thread porangi.chris
-ajax_handler/blob/master/Controller/Co... On Dec 8, 12:54 pm, José Lorenzo jose@gmail.com wrote: set 'validatePost' => false for the security component in that action

Problems with ajax and security component.

2011-12-08 Thread porangi.chris
Hi, I'm having issues with running Ajax and the security component alongside each other. Security works fine on the other forms. Ajax works fine if Security is commented out. Security is included in the App Controller alongside other components 'Security' => array

Re: Problems with ajax and security component.

2011-12-08 Thread José Lorenzo
set 'validatePost' => false for the security component in that action

Re: Problems with ajax and security component.

2011-12-08 Thread Miles J
Yeah I ran into this as well, Jose has the correct answer. https://github.com/milesj/cake-ajax_handler/blob/master/Controller/Component/AjaxHandlerComponent.php#L84 On Dec 8, 12:54 pm, José Lorenzo jose@gmail.com wrote: set 'validatePost' => false for the security component in that action

Dealing with Security component in a CakePHP 2 test case

2011-11-18 Thread elitalon
I am trying to test a CakePHP action that deals with a signup form secured with the `Security` component. I have configured the component in a UsersController like this: public $components = array( 'Security' => array('unlockedFields' => array('password_again')), ); I can execute

Re: Dealing with Security component in a CakePHP 2 test case

2011-11-18 Thread elitalon
I have also tried $this->Users->Components->disable('Security'); On Nov 18, 1:55 pm, elitalon elita...@gmail.com wrote: I am trying to test a CakePHP action that deals with a signup form secured with the `Security` component. I have configured the component in a UsersController like

Re: Security component and long delays

2011-10-14 Thread Jeremy Burns
and go home for the night. When they come back in they'll unlock their PC and want to pick up where they left off. If they were in the middle of some data management with forms using the security component, the form will look like it's ready to go, they'll enter some more data and hit submit

Security component and long delays

2011-10-13 Thread Jeremy Burns
in the middle of some data management with forms using the security component, the form will look like it's ready to go, they'll enter some more data and hit submit but they will be immediately blackholed. All they will see is a blank screen and think 'bug'. What is the best way of handling this more

Re: Security component and long delays

2011-10-13 Thread AD7six
unlock their PC and want to pick up where they left off. If they were in the middle of some data management with forms using the security component, the form will look like it's ready to go, they'll enter some more data and hit submit but they will be immediately blackholed. All they will see

Re: security component

2011-08-15 Thread Özgür Demir
Thanks a lot Jens, I think I'll model it this way. Perhaps using a small ajax popup which contains the token instead of a new frame just asking if the record should be deleted. On 13 Aug., 13:03, Jens Dittrich jdittr...@gmail.com wrote: No or it depends on what you want to happen when a delete

Re: security component

2011-08-13 Thread Jens Dittrich
No or it depends on what you want to happen when a delete link is clicked. No one forces you to commit a delete on a click on a link. As an example, you could always display a page requesting a confirm for the delete request, which could carry a token for that request. That way you could not

Re: security component

2011-08-12 Thread Özgür Demir
, I'm pretty sure this must have been answered somewhere. However I wasn't able to find an answer yet. I have two questions regarding the security component. 1. Authentication tokens seem to be checked by the security component only if data is passed via post. I assume this since my delete

security component

2011-08-11 Thread Özgür Demir
Hi everybody, I'm pretty sure this must have been answered somewhere. However I wasn't able to find an answer yet. I have two questions regarding the security component. 1. Authentication tokens seem to be checked by the security component only if data is passed via post. I assume this since

Generel problem with the security component.

2011-04-30 Thread Sipatshi
Hi Cake Community, Cakephp Version: 1.3.8 OS: Windows7 Experience: Newbie I have a general problem with the security component. 1.) well, I have the following actions (add, edit) in my controller. If I call in beforeFilter(), like this, $this->Security->requireAuth('add'), the requireAuth generated

Security component and HTTP Basic Authentication

2011-04-06 Thread Mariano C.
I've read this article http://book.cakephp.org/view/1309/Basic-HTTP-Authentication Now I've a lot of controller with many actions to protect, so I could consider the idea to insert that beforeFilter directly inside AppController (and not in the single controller), so every action will be

RE: Security component and HTTP Basic Authentication

2011-04-06 Thread Krissy Masters
@googlegroups.com [mailto:cake-php@googlegroups.com] On Behalf Of Mariano C. Sent: Wednesday, April 06, 2011 5:13 AM To: CakePHP Subject: Security component and HTTP Basic Authentication I've read this article http://book.cakephp.org/view/1309/Basic-HTTP-Authentication Now I've a lot of controller

Re: Security component and HTTP Basic Authentication

2011-04-06 Thread Mariano C.
So I need in couple Auth and Security component? On 6 Apr, 09:54, Krissy Masters naked.cake.ba...@gmail.com wrote: $this->Auth->allowedActions = array(); //will allow nothing $this->Auth->allowedActions = array('login'); //only allow the action in the array These are set in the controller

Re: Security component and HTTP Basic Authentication

2011-04-06 Thread Mariano C.
: So I need in couple Auth and Security component? On 6 Apr, 09:54, Krissy Masters naked.cake.ba...@gmail.com wrote: $this->Auth->allowedActions = array(); //will allow nothing $this->Auth->allowedActions = array('login'); //only allow the action in the array These are set

RE: Security component and HTTP Basic Authentication

2011-04-06 Thread Krissy Masters
component and HTTP Basic Authentication So I need in couple Auth and Security component? On 6 Apr, 09:54, Krissy Masters naked.cake.ba...@gmail.com wrote: $this->Auth->allowedActions = array(); //will allow nothing $this->Auth->allowedActions = array('login'); //only allow the action in the array

RE: Security component and HTTP Basic Authentication

2011-04-06 Thread Krissy Masters
zero sense...have you read your own question? -Original Message- From: cake-php@googlegroups.com [mailto:cake-php@googlegroups.com] On Behalf Of Mariano C. Sent: Wednesday, April 06, 2011 7:17 AM To: CakePHP Subject: Re: Security component and HTTP Basic Authentication I don't need

Re: Security component and HTTP Basic Authentication

2011-04-06 Thread gremlin
] On Behalf Of Mariano C. Sent: Wednesday, April 06, 2011 7:17 AM To: CakePHP Subject: Re: Security component and HTTP Basic Authentication I don't need a complete mechanism of authentication. I just want to protect every action with http basic and leave just one action unprotected. As soon add

Do I still need Model::$whitelist when using the Security component? --psybear

2011-01-21 Thread psybear83
Hey everybody to my knowledge, the $whitelist attribute tells a model, which attributes should be writable when it comes to a save. I'm using the Security component which ensures that nobody tampers with my forms (e.g. adding a new input field), so I guess I don't need $whitelist anymore, right

Re: Do I still need Model::$whitelist when using the Security component? --psybear

2011-01-21 Thread euromark
attribute tells a model, which attributes should be writable when it comes to a save. I'm using the Security component which ensures that nobody tampers with my forms (e.g. adding a new input field), so I guess I don't need $whitelist anymore, right? Thanks for your opinion Josh

Re: Do I still need Model::$whitelist when using the Security component? --psybear

2011-01-21 Thread Joshua Muheim
be writable when it comes to a save. I'm using the Security component which ensures that nobody tampers with my forms (e.g. adding a new input field), so I guess I don't need $whitelist anymore, right? Thanks for your opinion Josh

Re: Empty automagic dropdown lists make Security component complain? --psybear

2011-01-04 Thread Joshua Muheim
the Security component thinks the form was manually changed). Is this normal? It's part of the HTML spec. The browser won't send data for an element that effectively has no data to send. Is there a fix for this? Don't include an empty select list in the form. Or include 'Comment.post_id

Empty automagic dropdown lists make Security component complain? --psybear

2010-12-30 Thread psybear83
Hey everybody I just noticed that when I'm having an empty dropdown list and send it, then its key in the data (e.g. data[Comment][post_id]) goes missing, and I get a blank screen (probably because the Security component thinks the form was manually changed). Is this normal? Is there a fix

Re: Empty automagic dropdown lists make Security component complain? --psybear

2010-12-30 Thread cricket
On Thu, Dec 30, 2010 at 4:12 PM, psybear83 psybea...@gmail.com wrote: Hey everybody I just noticed that when I'm having an empty dropdown list and send it, then its key in the data (e.g. data[Comment][post_id]) goes missing, and I get a blank screen (probably because the Security component

Security component and combine requireSecure() and requireLogin()

2010-11-23 Thread rj
Hello, I try to use the security component in cakePHP 1.3 and want to combine the requirements to establish an SSL connection with a simple security login. First I want to redirect to a secure connection. Then transmitting the password should be okay. Both methods work fine as long as I

Re: Security Component

2010-11-09 Thread robust solution
sorry man but who told you that security component and AJAX do not work? On Nov 8, 10:18 pm, Dave Maharaj m...@davemaharaj.com wrote: Ok from what I have read using Security Component with AJAX request will not work. So I never added it to my app_controller, then today I decided lets see

RE: Security Component

2010-11-09 Thread Dave Maharaj
will and will not work. I'm simply sending forms ajax with jquery.form plugin All my stuff works that's why I'm wondering. -Original Message- From: robust solution [mailto:hussein_elhar...@yahoo.com] Sent: November-09-10 4:36 AM To: CakePHP Subject: Re: Security Component sorry man but who told you

Re: Security Component

2010-11-09 Thread euromark
: Re: Security Component sorry man but who told you that security component and AJAX do not work? On Nov 8, 10:18 pm, Dave Maharaj m...@davemaharaj.com wrote: Ok from what I have read using Security Component with AJAX request will not work. So I never added it to my app_controller

RE: Security Component

2010-11-09 Thread Dave Maharaj
Right on thanks for that bit. I am not modifying any of the forms, simply AJAX submit. But 1 thing that has me puzzled was I added Security component, used firebug to edit the hash value, change a few field names / values and it still submitted fine (no blackholes) so that where I was getting

Re: how to disable security component for a single action?

2010-11-08 Thread massl
-security-component-for-a-single-action-tp682715p5716405.html Sent from the CakePHP mailing list archive at Nabble.com. Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google

Re: how to disable security component for a single action?

2010-11-08 Thread Adrian Arnautu
. Or better: if(isset($this->Security) && 'myaction' == $this->action) { $this->Security->enabled = false; -- View this message in context: http://cakephp.19694.n2.nabble.com/how-to-disable-security-component-for-a-single-action-tp682715p5716405.html Sent from the CakePHP mailing list archive

Security Component

2010-11-08 Thread Dave Maharaj
Ok from what I have read using Security Component with AJAX request will not work. So I never added it to my app_controller, then today I decided lets see what happens so sure enough my forms all get the security div <div style="display: none;"><input type="hidden" value="POST" name="_method"><input type

Re: Security Component

2010-11-08 Thread Miles J
...@davemaharaj.com wrote: Ok from what I have read using Security Component with AJAX request will not work. So I never added it to my app_controller, then today I decided lets see what happens so sure enough my forms all get the security div <div style="display: none;"><input type="hidden" value="POST" name

RE: Security Component

2010-11-08 Thread Dave Maharaj
All my responses are JSON with true / false then do something like you said. I was just curious as everything I seem to have found says Security Component will not work so just trying to get an answer on what exactly will not work means. ? The component will add the Token / hash but its

Re: Security Component

2010-11-08 Thread Miles J
Security Component will not work so just trying to get an answer on what exactly will not work means. ? The component will add the Token / hash but its not checked ? ? The whole thing will fail ? ? The component does nothing ? So far in my testing everything still works but if I edit the form

Re: Security component and the dreaded blackhole

2010-10-20 Thread austin
using the form helper and am not using javascript. My question was how do you debug an issue with the Security component?. Jeremy Burns Class Outfit jeremybu...@classoutfit.comhttp://www.classoutfit.com On 18 Sep 2010, at 21:33, bwelli...@gmail.com wrote: When using the Security Component

Re: Security component and the dreaded blackhole

2010-10-20 Thread euromark
i always hated the security component for that had similar issues some time ago. debugging is almost impossible^^ at least in debug 0 it should not blackhole completely (but maybe throw some errors or whatever) if there is such an option i didnt find it yet On 20 Okt., 22:43, austin awe

Re: Security component and the dreaded blackhole

2010-09-18 Thread bwelli...@gmail.com
When using the Security Component you must use the FormHelper to create your forms. The Security Component looks for certain indicators that are created and managed by the FormHelper (especially those created in create() and end()). Dynamically altering the fields that are submitted in a POST

Re: Security component and the dreaded blackhole

2010-09-18 Thread Jeremy Burns | Class Outfit
Yup - I know all this and if you read the post you'll see that I am using the form helper and am not using javascript. My question was how do you debug an issue with the Security component?. Jeremy Burns Class Outfit jeremybu...@classoutfit.com http://www.classoutfit.com On 18 Sep 2010, at 21

Security component: Disabling a single controller action

2010-09-17 Thread Jeremy Burns
Is it possible to exclude a single controller action from the Security component? At present I have $this->Security->validatePost = false; in the controller's beforeFilter, which means that all actions are insecure.

Re: Security component: Disabling a single controller action

2010-09-17 Thread Miles J
if ($this->action == 'foobar') { $this->Security->validatePost = false; } On Sep 16, 11:53 pm, Jeremy Burns jeremybu...@classoutfit.com wrote: Is it possible to exclude a single controller action from the Security component? At present I have $this->Security->validatePost = false

Re: Security component: Disabling a single controller action

2010-09-17 Thread Jeremy Burns | Class Outfit
, Jeremy Burns jeremybu...@classoutfit.com wrote: Is it possible to exclude a single controller action from the Security component? At present I have $this->Security->validatePost = false; in the controller's beforeFilter, which means that all actions are insecure.

Security component and the dreaded blackhole

2010-09-08 Thread Jeremy Burns
I have enabled the Security component in my app_controller and mostly this works just fine. But I have one particular view that falls into the blackhole when its form is posted. It works fine if I type $this->Security->validatePost = false; into the beforeFilter() of the controller. I can't see

Re: Security component and the dreaded blackhole

2010-09-08 Thread Miles J
Are you creating input fields without the form helper? http://milesj.me/blog/read/43/Protecting-Your-Forms-With-The-Security-Component On Sep 8, 8:03 am, Jeremy Burns jeremybu...@classoutfit.com wrote: I have enabled the Security component in my app_controller and mostly this works just fine

Re: Security component and the dreaded blackhole

2010-09-08 Thread Jeremy Burns | Class Outfit
-With-The-Security-Component On Sep 8, 8:03 am, Jeremy Burns jeremybu...@classoutfit.com wrote: I have enabled the Security component in my app_controller and mostly this works just fine. But I have one particular view that falls into the blackhole when its form is posted. It works fine if I type

Re: Security Component; custom form (rich editor)

2010-07-30 Thread Tomatosoup
A bit late though, but thanks! On 11 jul, 03:48, nurvzy nur...@gmail.com wrote: Set the security component to not validate that field. http://book.cakephp.org/view/1297/Configuration Hope that helps, Nick On Jul 10, 1:28 pm, Tomatosoup wiegersteenhui...@gmail.com wrote: Hello, I

Re: Security Component; custom form (rich editor)

2010-07-30 Thread nurvzy
You're welcome. :) On Jul 30, 5:32 pm, Tomatosoup wiegersteenhui...@gmail.com wrote: A bit late though, but thanks! On 11 jul, 03:48, nurvzy nur...@gmail.com wrote: Set the security component to not validate that field. http://book.cakephp.org/view/1297/Configuration Hope that helps

Security Component; custom form (rich editor)

2010-07-10 Thread Tomatosoup
Hello, I use the Security component, but one (kind of custom) form gets invalidated. Is there some way to validate an invalidated (because of the token the Security component generates) form? Because I have an edit page in which I have a DIV that acts as a Rich Text Editor. Whenever one clicks

Re: Security Component; custom form (rich editor)

2010-07-10 Thread nurvzy
Set the security component to not validate that field. http://book.cakephp.org/view/1297/Configuration Hope that helps, Nick On Jul 10, 1:28 pm, Tomatosoup wiegersteenhui...@gmail.com wrote: Hello, I use the Security component, but one (kind of custom) form gets invalidated. Is there some

Re: Problem using Security Component having integer as fieldnames

2010-07-07 Thread Quintus
Hi all, I looked up in the cake core code and found that there are two methods that generate the fields hash. The first is in the form helper and generates the fields hash that's displayed at the end of the form. The second one generates a fields hash based on the submitted fields in the Security

Problem using Security Component having integer as fieldnames

2010-06-29 Thread Quintus
Hi, I've a problem using cake's security component when my field names are integers. For example I've several checkboxes named: data[MyModel][1] data[MyModel][2] data[MyModel][3] When I activate the security component, the validation of the post data fails. The fields are properly written

Debugging the Security component

2010-02-28 Thread Jeremy Burns
I have the Security component in my app_controller's $components array. The home page of a site has a simple text field to accept some data. When the form is submitted it is parsed through a controller with a very simple add function. This form submission is being intercepted and blackholed

Re: Debugging the Security component

2010-02-28 Thread Jeremy Burns
I worked it out. In my cache there were two views for the same page. One called sitename.php, the other called sitename_pages_home.php. They are of course both from the same source. However, it seems as if the Security component didn't like both of them being present. I cleared the cache

Re: Debugging the Security component

2010-02-28 Thread Jeremy Burns
jeremybu...@me.com On 28 Feb 2010, at 11:32, Jeremy Burns wrote: I worked it out. In my cache there were two views for the same page. One called sitename.php, the other called sitename_pages_home.php. They are of course both from the same source. However, it seems as if the Security component

Re: Security Component - requirePost() method. Change from Link to Form

2010-01-23 Thread DaveTheRave
I did manage to solve it and directly after I had posted this! I retained the ... echo $form->create('Product', array('action' => 'edit/' . $this->data['Product']['id'])); on list.ctp. I changed the link on edit.ctp to a verbose link without the id i.e. $form->create('Product', array('action' => 'edit')).

Security Component - requirePost() method. Change from Link to Form

2010-01-20 Thread DaveTheRave
I have a test CakePHP Application that lists various products on a single page called views/products/index.ctp. To start with each product had an Edit link that targeted action products/edit/productid. This worked fine. I then added $this->Security->requirePost('edit');. I replaced the link on

Re: Security Component - requirePost() method. Change from Link to Form

2010-01-20 Thread Miles J
I may be wrong in this, but I'm pretty sure the requirePost() is only supposed to be used once. It should only be used on the initial request of the page, not subsequently after. Why would you have that page require a post to access? And not just turn it back to a link? It doesn't solve any

Re: Security component and session timeout

2010-01-19 Thread Miles J
Yes, the security component adds a hidden token/timer within the forms. There is a time limit that black holes if you sit on the page too long. Not sure if you can configure it. Try doing a search within the Security component. On Jan 18, 8:43 pm, Stinkbug justink...@gmail.com wrote: Just

Re: Security component and session timeout

2010-01-18 Thread Stinkbug
Just checking to see if anyone has any recommendations on this before I start implementing something myself. On Dec 16 2009, 10:49 pm, Stinkbug justink...@gmail.com wrote: I've been using the security component for quite some time, but there is one issue that I've never been able to figure out

Security component and session timeout

2009-12-16 Thread Stinkbug
I've been using the security component for quite some time, but there is one issue that I've never been able to figure out with it. When I have a form and the user takes a while to fill it out, it will get blackholed. I'm guessing the security component is using a session somehow on the form
