On Thu, 8 Jun 2000, Rob Tanner wrote:
I gotta read messages all the way down before I respond.. Duh. You said
they were off and I told you to turn them off. That's probably at least
three demerits for me.
Anyway, unless you have an extremely busy server, those lookups are
generally
On Fri, 12 May 2000, Stas Bekman wrote:
For all those who favor chocolate cookies (mostly related to the latest
discussion about the sessions):
IE hole exposes Web surfers' private data: Microsoft is working on a
patch that will prevent its Internet Explorer browser from inadvertently
On Thu, 27 Apr 2000, Matt Sergeant wrote:
Unfortunately there's also a browser bug to contend with. They treat \x8b
(I think that's the right code) as and there's a similar code for
. Since most web developers are just doing s//lt;/g; they are open to
attacks based on character sets like
On Thu, 27 Apr 2000, Jeremy Howard wrote:
I'm interested in providing 'HTML email' support for my users (like
HotMail, Outlook Express, Eudora 4.0, etc provide), but I'm very
nervous about security. Essentially, providing HTML email involves
letting any arbitrary HTML get displayed by
On Thu, 27 Apr 2000, Nick Tonkin wrote:
On Thu, 27 Apr 2000, Marc Slemko wrote:
Cookies are not secure and will never be secure. They may be "good
enough", and you may not have much choice, but they are still simply not
secure when you put everything together.
Can y
On Thu, 27 Apr 2000, Vivek Khera wrote:
"SC" == Steven Champeon [EMAIL PROTECTED] writes:
SC developers and designers) for Webmonkey:
SC http://hotwired.lycos.com/webmonkey/00/18/index3a.html
SC If you want to see what sort of stuff the XSS problem opens you up for,
SC just try
On Mon, 24 Apr 2000, Matt Sergeant wrote:
On Sat, 22 Apr 2000, dreamwvr wrote:
hi,
most likely you will want to shut down cookies and use another method as per
advisories that currently there is a problem with javascript and cookies when
both enabled. b.t.w. exploder has simular
On Wed, 19 Apr 2000, Eric Cholet wrote:
(Off topic again, but lots of people here are using reverse
proxy).
For a while I had 'ProxyRequests On' in my httpd.conf mistakenly
thinking that it was necessary to make ProxyPass and mod_rewrite
proxying work. Then I noticed entries in my
, 2 Feb 2000, Sander van Zoest wrote:
On Wed, 2 Feb 2000, Marc Slemko wrote:
http://www.apache.org/info/css-security/
http://www.cert.org/advisories/CA-2000-02.html
I think I have found a little typo/oversight in the mod_perl example on
http://www.apache.org/info/css-security