[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Mailing form



Hi,

anx.scan wrote:
> 
> huh? what security risks? so, what other ways are there to do this
> then?  i dont have unix, cgi stuff, nor do i care to.

The same with me!
 
> it makes no sense to me... what can a hacker do to a form thats
> emailed to me that he cant do to me through regular email?

He could set up a page which automatically "Mailbombs" someone. But there 
must be another way to fix the Problem. Maybe the Browser should send a 
copy of the mailed form to himself, with the URL of the related page in 
it, or something like that. The URL of the "form-page" could also be 
added to every form-post, so a Mailbombed User would see where it cames 
from.

I think, there are lots of other ways to handle it, each of it better 
than disabling e-mailing a form.

Once again: I would REALLY miss it.

And I wonder what the authors of a Program like Webforms would say to 
that????
 
> oh well, paranoia fills time, i guess
> 
> you know theres quite a security risk in giving your credit card
> number to someone over the phone, through the mail.... hell, even
> having a credit card on you.  so is life.

You are totally right!

So long
Olaf


_____________________________________________________________________
Olaf Walkowiak, Suedeseestr.14, D-45145 Essen, Phone:+49-201-604594
si0015@aixrs1.hrz.uni-essen.de			OlafWal@aol.com
URL:http://www.bikeconn.de/com/bikeconn/hotel/olaf	(Homepage)
URL:http://www.bikeconn.de/com/bikeconn/hotel/olaf/java (JavaScript)
_____________________________________________________________________
Request PGP public key by E-Mail
PGP fingerprint: 55 BF 58 7A E9 DC FF 28 33 31 A6 B8 FB A1 28 A6

--------------------------------------------------------------------
This message came from the mailing list javascript. For help using the
mailing list software, please send a message to 'majordomo@obscure.org'
with the message body 'help'. To unsubscribe, send a message to
'majordomo@obscure.org' with the message body 'unsubscribe javascript'.