Re: Wosid suppression broken in 5.4?
Re: Wosid suppression broken in 5.4?
- Subject: Re: Wosid suppression broken in 5.4?
- From: Chuck Hill <email@hidden>
- Date: Wed, 19 Dec 2007 15:26:48 -0800
On Dec 19, 2007, at 3:18 PM, Anjo Krank wrote:
In particular as this is a glaring security issue as you'd be
exposing WOSIDs to other sites which have no business with it!
"Oh my, why don't I check the logs for this stupid apple app server
and see if I can plunder their accounts!"
Sweet, Anjo
Oops! :-P
That seems a pretty clear cut reason to NOT have this added to the URL.
Am 20.12.2007 um 00:15 schrieb Anjo Krank:
Am 19.12.2007 um 22:41 schrieb Chuck Hill:
FWIW, I agree with Guido on this one.
Me too, 100%.
In particular as this used to work differently. If you WANT to
return a WOSID, you'd normally do it by returning
context.directActionURL() or whatever, which includes is if you
want it. To second guess me because some people can't seem to
grasp the concept of an URL is rather rude.
Cheers, Anjo
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40logicunited.com
This email sent to email@hidden
--
Practical WebObjects - for developers who want to increase their
overall knowledge of WebObjects or who are trying to solve specific
problems.
http://www.global-village.net/products/practical_webobjects
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden