Re: Wosid suppression broken in 5.4?
Re: Wosid suppression broken in 5.4?
- Subject: Re: Wosid suppression broken in 5.4?
- From: Anjo Krank <email@hidden>
- Date: Thu, 20 Dec 2007 00:18:39 +0100
In particular as this is a glaring security issue as you'd be exposing
WOSIDs to other sites which have no business with it!
"Oh my, why don't I check the logs for this stupid apple app server
and see if I can plunder their accounts!"
Sweet, Anjo
Am 20.12.2007 um 00:15 schrieb Anjo Krank:
Am 19.12.2007 um 22:41 schrieb Chuck Hill:
FWIW, I agree with Guido on this one.
Me too, 100%.
In particular as this used to work differently. If you WANT to
return a WOSID, you'd normally do it by returning
context.directActionURL() or whatever, which includes is if you want
it. To second guess me because some people can't seem to grasp the
concept of an URL is rather rude.
Cheers, Anjo
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden