Gossamer Forum: Products: Gossamer Forum: Discussion: Re: [jagerman] url escaping bug: Edit Log

Gossamer Threads

Home : Products : Gossamer Forum : Discussion :

Products: Gossamer Forum: Discussion: Re: [jagerman] url escaping bug: Edit Log

Here is the list of edits for this post

Mar 13, 2002, 1:49 AM

Wil

Veteran / Moderator (4108 posts)

Mar 13, 2002, 1:49 AM

Re: [jagerman] url escaping bug

In Reply To:

The redirect is to protect people who are using the query-based authentication. If we were to link directly, someone could post a link "Click here" which takes you to some CGI on their homepage which looks for session ID numbers, and then using that they gain access to your account and change your password and e-mail, essentially stealing your account.

Hm, how would someone go about this?

Surely this would render 95% of the web forums out there insecure? Or is this specific to GTForum?

- wil

Last edited by:

Wil: Mar 13, 2002, 1:50 AM

Edit Log:

Post edited by Wil Post edited by Wil (Veteran) on Mar 13, 2002, 1:50 AM

Gossamer Threads is a Vancouver-based company with over 28 years experience in web technology. From development to hosting, we partner with leading organizations around the globe and help to build their web presences, strategies and infrastructures.

Let’s talk: 1-877-715-7676