Arguments in URL - Zope - Zope lists

newer
Intl_Data_Advertisers_Division -...

Arguments in URL

older
create http upload in zope

Marcello Parra Martins

4 Feb 2004 4 Feb '04

2:18 p.m.

Hello, I dont know if this was discussed here before... Anyway.. is there an easy way to protect user from changing the arguments passed in a URL ? If not, is there a workarround, or another way to pass parameters in a URL ? Thanks Parra

Reply

Sign in to reply online Use email software

Show replies by date

Small Business Services

4 Feb 4 Feb

2:41 p.m.

New subject: [Zope] Arguments in URL

Use javascript to construction the url and then load the page. jonathan ----- Original Message ----- From: "Marcello Parra Martins" <parra@terra.com.br> To: <zope@zope.org> Sent: February 4, 2004 9:18 AM Subject: [Zope] Arguments in URL

Hello,

I dont know if this was discussed here before... Anyway.. is there an easy way to protect user from changing the arguments passed in a URL ?

If not, is there a workarround, or another way to pass parameters in a URL ?

Thanks Parra

_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )

Reply

Sign in to reply online Use email software

Marcello Parra Martins

3:30 p.m.

New subject: [Zope] Arguments in URL

Are there any examples arround ?? Thanks, Parra Em Qua 04 Fev 2004 12:41, Small Business Services escreveu:

Use javascript to construction the url and then load the page.

jonathan

----- Original Message ----- From: "Marcello Parra Martins" <parra@terra.com.br> To: <zope@zope.org> Sent: February 4, 2004 9:18 AM Subject: [Zope] Arguments in URL

...
Hello,

I dont know if this was discussed here before... Anyway.. is there an easy way to protect user from changing the arguments passed in a URL ?

If not, is there a workarround, or another way to pass parameters in a URL

?

...
Thanks Parra

_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )

_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )

Reply

Sign in to reply online Use email software

Small Business Services

5:43 p.m.

New subject: [Zope] Arguments in URL

You can find a reasonable javascript intro at: http://www.w3schools.com/default.asp Jonathan ----- Original Message ----- From: "Marcello Parra Martins" <parra@terra.com.br> To: "Small Business Services" <toolkit@magma.ca>; <zope@zope.org> Sent: February 4, 2004 10:30 AM Subject: Re: [Zope] Arguments in URL

Are there any examples arround ??

Thanks, Parra

Em Qua 04 Fev 2004 12:41, Small Business Services escreveu:

...
Use javascript to construction the url and then load the page.

jonathan

----- Original Message ----- From: "Marcello Parra Martins" <parra@terra.com.br> To: <zope@zope.org> Sent: February 4, 2004 9:18 AM Subject: [Zope] Arguments in URL

...
Hello,

I dont know if this was discussed here before... Anyway.. is there an easy way to protect user from changing the arguments passed in a URL ?

If not, is there a workarround, or another way to pass parameters in a URL

?

...
Thanks Parra

_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )

_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )

Reply

Sign in to reply online Use email software

Max M

5 Feb 5 Feb

8:43 a.m.

New subject: [Zope] Arguments in URL

Marcello Parra Martins wrote:

I dont know if this was discussed here before... Anyway.. is there an easy way to protect user from changing the arguments passed in a URL ?

No! You should *never* use the url as security. You should allways test the input you receive from both a form or a url. Never trust them. It is very easy to either use a browser that can be fooled or to write a programme that can send arbitrary urls. If you need to trust the input from your url's, you are doing it wrong! regards Max M

Reply

Sign in to reply online Use email software

8095

Age (days ago)

8096

Last active (days ago)

4 comments

3 participants

tags

participants (3)

Marcello Parra Martins
Max M
Small Business Services