[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: Feedback wanted regarding prettyURL()
From: Ismail =?utf-8?q?D=C3=B6nmez?= <ismail () pardus ! org ! tr>
Date: 2007-08-16 21:37:46
Message-ID: 200708170037.46107.ismail () pardus ! org ! tr
[Download RAW message or body]
On Thursday 16 August 2007 18:31:48 Dirk Mueller wrote:
> Hi,
>
> To avoid the latest announced url spoofing attacks in a general way, I
> suggested to shorten the username, to avoid that the user misinterprets the
> username actually as part of the hostname.
>
> this however breaks the url pretty badly: the username is not really valid
> anymore. on the other hand, its unlikely that there will be a very long
> username given, especially if no password has been added.
>
> Comments, opinions?
This has my vote, else its pretty easy to spoof a URL [0]
[0] http://alt.swiecki.net/konq3.html
Regards,
ismail
--
Perfect is the enemy of good
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic