[prev in list] [next in list] [prev in thread] [next in thread]
List: mod-security-users
Subject: Re: [mod-security-users] processing a cookie
From: "Alex V." <alex-security () ssji ! net>
Date: 2006-04-13 14:47:38
Message-ID: 49968.213.41.94.195.1144939658.squirrel () 213 ! 41 ! 94 ! 195
[Download RAW message or body]
On Jeu 13 avril 2006 16:35, joe barbish a écrit :
> Thanks Alex
>
> I didn't use this for the hash because this allows an empty field
>
> "^[0-9a-zA-Z]*"
>
> instead I used "^[0-9a-zA-Z=]+$" so the field can not be blank and the $
> so nothing can exist beyond it.
Ok, you didn't say if you wanted to allow blank field or not...
>
> For the cookie I would think it needs $ for same reason
> "^[0-9a-fA-F]{32}$"
>
> Am I correct in this line of thinking?
Yes you are
> Is 32 the standard normal default size of php session cookies?
Yes (and AFAIK it's a normal default size for all MD5 (like générated by
md5sum, SQL MD5() function, ...)
CU
Alex
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic