Cord Beermann wrote:
> <IMHO>I think that security hole is the one who wrote the cgi (or
> whatever) which puts passwords on the URL.</IMHO>
I totally agree, but that doesn't change the fact that people still do
it.
> If I produce statistics I strip all data after the ? from the URL.
Yes, but data after the ? is still in the access log. It doesn't really
contribute much to me, and is a big security hole.
Evan
Received on Sun Jun 22 1997 - 08:41:06 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:33 MST