Jump to content

ozconnect

Members
  • Posts

    4
  • Joined

  • Last visited

    Never

Profile Information

  • Gender
    Not Telling

ozconnect's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Even easier <img scr='fred.gif' border=0>
  2. I have been using htaccess security for a while but was dismayed to find recently that an innocent mistake by one user allowed an unintended breach by another. One user had emailed a page from a secured directory to a friend to illustrate something or other. There were active links to urls within the secured direcory on that page. When those links are clicked from the email the linked page is actually displayed with the request for user authentication poping up over the top. By simply cancelling the authentication popup the submit button on that page which is displayed can be actioned. It appears as though any requested page in the secured directory is displayed before the authentication pop-up is actioned. This is not normally an issue for my site as the first page in the directory is normally a redirection page which displays nothing. Surely this is not how htaccess security is intended to work. What can I be doing wrong and how can I really secure my pages from un-wanted actions.
  3. Does anyone here have experience with this using data encoded as GB2312 or other double byte asian character encoding ?
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.