Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: How can they know?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How can they know?

Subject: Re: How can they know?
From: John Stiles <email@hidden>
Date: Thu, 4 Aug 2005 06:02:27 -0700


On Aug 4, 2005, at 4:46 AM, Jonathon Mah wrote:

On 2005-08-04, at 21:06, Lorenzo wrote:
tcpflow is amazing. I really have seen on the Terminal the content of the file I download with the API dictionaryWithContentsOfURL and even the link from which it comes.

Since I use the content of that file to give the user the permission to run, I would like to know: can the user feed my application with some other data coming from a different server? I mean, can a user diverge my call dictionaryWithContentsOfURL from my domain to some other domain?

Yes, and quite easily. You can add an entry to the hostnames file to cause yourdomain.com to always resolve to something else (e.g. localhost). There you can run your own server and return back whatever you like.

If the ultimate goal is robust security, you are not likely to find it in standard HTTP. :) There are far too many tools which can analyze network traffic. _______________________________________________ Do not post admin requests to the list. They will be ignored. Cocoa-dev mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: This email sent to email@hidden References: >Re: How can they know? (From: Lorenzo <email@hidden>) >Re: How can they know? (From: Jonathon Mah <email@hidden>) Prev by Date: Re: decoding arabic text broken Next by Date: Window redraw problem with OpenGL Previous by thread: Re: How can they know? Next by thread: Re: How can they know? Index(es): Date Thread