2008/12/30  <[email protected]>:
> To hide the existence of the page from robots.
>
> --- On Tue, 12/30/08, Pid <[email protected]> wrote:
>
>> From: Pid <[email protected]>
>> Subject: Re: How can the login page see parameters in the original request?
>> To: "Tomcat Users List" <[email protected]>
>> Date: Tuesday, December 30, 2008, 6:26 AM
>> [email protected] wrote:
>>
>> > Only if certain secret fields and values are present,
>> do I want to generate the login page.
>>
>> They're not really secret if you're passing them as
>> parameters.
>> It sounds like you're trying to over-engineer
>> something, which often
>> results in no security improvements and sometimes
>> introduces flaws.
>>
>> What is your real goal?
>>
>

How about passing them with the Session?

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to