[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mod-security-users
Subject:    Re: [mod-security-users] processing a cookie
From:       "Alex V." <alex-security () ssji ! net>
Date:       2006-04-13 14:47:38
Message-ID: 49968.213.41.94.195.1144939658.squirrel () 213 ! 41 ! 94 ! 195
[Download RAW message or body]

On Jeu 13 avril 2006 16:35, joe barbish a écrit :
> Thanks Alex
>
>   I didn't use this for the hash because this allows an empty field
>
>   "^[0-9a-zA-Z]*"
>
>   instead I used "^[0-9a-zA-Z=]+$" so the field can not be blank and the $
> so nothing can exist beyond it.

Ok, you didn't say if you wanted to allow blank field or not...

>
>   For the cookie I would think it needs $ for same reason
>   "^[0-9a-fA-F]{32}$"
>
>   Am I correct in this line of thinking?

Yes you are

>   Is 32 the standard normal default size of php session cookies?

Yes (and AFAIK it's a normal default size for all MD5 (like générated by
md5sum, SQL MD5() function, ...)


CU

Alex





-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users

[prev in list] [next in list] [prev in thread] [next in thread]