Hosting Provided By

Re: Prevent security bypass

From: Ernie Nelson <Juridian(at)juridian.com>
Date: Fri Feb 07 2003 - 20:48:25 EST

A simpler method that requires less work is to simply name your include with the .asp extension. If you feel the need to mark it as an include prefixing the filename with inc_ (such as inc_secure.asp). That way even if the directories aren't configured right, the code is stripped out and harmless.

> I know I'm going to catch sh!t here cause I used .inc, but you can easily
Received on Fri Feb 7 21:35:48 2003

This message: [ Message body ]
Next message: Rahul Chander Kashyap: "HTTP Header and POST Data Exploitation"
In reply to sunzi: "Re: Prevent security bypass"
Next in thread: Rahul Chander Kashyap: "HTTP Header and POST Data Exploitation"
Reply: Rahul Chander Kashyap: "HTTP Header and POST Data Exploitation"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:48 EDT