David Fraser
davidf at sjsoft.com
Fri Sep 3 22:35:27 EDT 2004
Daniel Popowich wrote:
> Vinj Vinj writes:
>
>> ...I'm trying to use _call_ but have some questions and suggestions. My
>> site has a Yahoo-like interface which has a lot of links which
>> perform actions. These actions (links) go through HTTP GET.
>>
>> I changed the respond so that the servlet looks for the _call_ form
>> variable and the function gets called even if it comes from a GET request.
>
> I restricted the use of the _call_ mechanism to POSTs for security
> reasons. Granted, POSTs are no more secure than GETs, but at least
> with POSTs you don't see the data in the URL, staring you in the
> face. And the thought of calls to methods being visible in the browser URL
> window didn't thrill me. I've considered adding an attribute to
> Servlet, say, allow_call_with_get, defaulting to false; then a
> developer can set it to true if they really want to allow this
> feature. One benefit with this attribute: you can turn it on and off
> per servlet instead of globally across all servlets.
>
> Another thing you can do, to obfuscate the URL string so it's not so
> obvious a method is being called: change the value of METHODCALL at
> the top of servlet.py. This is probably another candidate for
> turning into an attribute of Servlet.

This is security by obscurity. I would think making sure the values passed into a function are safe is more important. The danger of security by obscurity is it misleads you into not doing this kind of checking...

I *love* being able to pass GET variables into functions in other people's programs ... it means web programs are easier to interact with. Just this week I wrote a script to search for flights on top of an airline's website ... it saved me a lot of time

David
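As an added example that is not the servlet library's own code (nor anything Daniel or David posted), here is a hypothetical dispatcher that combines the two ideas from this exchange: a per-servlet allow_call_with_get switch that refuses _call_ on anything but POST by default, and an explicit allow list of exported methods whose parameters are validated before the method is invoked. Servlet, respond, exported, METHODCALL, the validators and the FlightSearch class are all assumed names, not the real API.

```python
"""Hypothetical _call_ dispatcher (added example, not the servlet library's code).
Names such as Servlet, respond, exported, METHODCALL and FlightSearch are assumed."""
import re

METHODCALL = "_call_"   # form field naming the method to invoke (assumed name)


class CallRejected(Exception):
    """Raised when a _call_ request fails a policy or validation check."""


# --- parameter validators: each turns a raw form string into a safe value or rejects it ---
def airport_code(raw):
    if not re.fullmatch(r"[A-Z]{3}", raw):
        raise CallRejected("bad airport code: %r" % raw)
    return raw


def iso_date(raw):
    if not re.fullmatch(r"\d{4}-\d{2}-\d{2}", raw):
        raise CallRejected("bad date: %r" % raw)
    return raw


def bounded_int(lo, hi):
    def check(raw):
        try:
            value = int(raw)
        except ValueError:
            raise CallRejected("not an integer: %r" % raw)
        if not lo <= value <= hi:
            raise CallRejected("out of range: %d" % value)
        return value
    return check


class Servlet:
    allow_call_with_get = False   # per-servlet switch, as proposed in the thread
    exported = {}                 # method name -> {param: validator}; the allow list

    def respond(self, http_method, form):
        """Dispatch one request; form is a dict of already-decoded form fields."""
        name = form.get(METHODCALL)
        if name is None:
            return self.default(form)
        if http_method != "POST" and not self.allow_call_with_get:
            raise CallRejected("%s only honoured on POST" % METHODCALL)
        spec = self.exported.get(name)
        if spec is None:
            # Unknown or unexported name: a bare getattr() here would expose every method.
            raise CallRejected("method not exported: %r" % name)
        kwargs = {}
        for param, validate in spec.items():
            if param not in form:
                raise CallRejected("missing parameter: %r" % param)
            kwargs[param] = validate(form[param])   # validated value, not the raw string
        return getattr(self, name)(**kwargs)

    def default(self, form):
        return "index"


class FlightSearch(Servlet):
    """Constructed servlet in the spirit of David's flight-search script."""
    exported = {
        "search": {"origin": airport_code, "dest": airport_code,
                   "date": iso_date, "seats": bounded_int(1, 9)},
    }

    def search(self, origin, dest, date, seats):
        return "%d seat(s) %s->%s on %s" % (seats, origin, dest, date)

    def reset_cache(self):
        # Public on the class but not exported, so unreachable through _call_.
        return "should never run via _call_"


if __name__ == "__main__":
    s = FlightSearch()
    print(s.respond("POST", {"_call_": "search", "origin": "CPT", "dest": "JNB",
                             "date": "2004-09-03", "seats": "2"}))
```

The allow list is the piece David is arguing for: whether the method name travels in a GET query string or a POST body, and whatever METHODCALL is renamed to, only the methods a developer deliberately exported can be reached, and each argument is checked before the call. Setting allow_call_with_get = True on a subclass re-enables GET for that one servlet without weakening the validation.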