Re: Security Issues?
- Posted by "C. K. Lester" <cklester at yahoo.com> Nov 26, 2002
- 429 views
do you ever go to sites that need to keep track of you on their web site? for instance, password protected pages? ----- Original Message ----- From: "Euman" <euman at bellsouth.net> To: "EUforum" <EUforum at topica.com> Subject: Re: Security Issues? > > I reject Cookies because its a way for sites to monitor where you go > and where you've been. > > grab a copy of "ad-aware" run it on your machine and I'll bet you have > atleast one site that has either stuck code in your registry or sent cookies > that they can track your movements with. > > Euman > > ----- Original Message ----- > From: "Robert Craig" <rds at RapidEuphoria.com> > To: "EUforum" <EUforum at topica.com> > Sent: Tuesday, November 26, 2002 2:31 PM > Subject: Re: Security Issues? > > > : > : C.K. Lester writes: > : > For instance, I've gotten the user's ID and password, and now I want to > : > send them to the next page. Or I guess I should just form the HTML with > : > the appropriate content and each link has a parameter indicating a valid > : > user is clicking around... ??? Anybody with some helpful hints and tips, > : > please speak up. > : > : This is where "cookies" can be helpful. > : You output a cookie in the header of the HTML, > : then the user's Web browser will remember > : that cookie for you, and you'll be able to access it > : via an environment variable on any future page > : that the user visits (by default, until he closes his Web browser). > : e.g. > : printf(1, "Set-Cookie:myname=%s\n", {name}) > : > : A cookie is just a name-value pair. > : > : It's easier than trying to attach his name or id > : to every link that you provide him. > : > : Search the web for "cgi cookies". > : > : People can potentially fake the value of > : a cookie, so for security you might want to assign a > : special code number rather than using his name > : to identify him. > : > : Also, some people are paranoid about accepting > : cookies, so they have their browser reject them. > : > : Regards, > : Rob Craig > : Rapid Deployment Software > : http://www.RapidEuphoria.com > : > : > : > : > : > > >