Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Re: CGI Security

by Sifmole (Chaplain)
on Jun 22, 2001 at 16:36 UTC ( [id://90691]=note: print w/replies, xml ) Need Help??


in reply to CGI Security

Q41: Can people see or change the values in "hidden" form variables? does answer part of the second problem, but I do not know, or understand how a user can replace variables that are posted.

If the FORM uses the GET method, then the variables will be visible in the Location bar of the browser; A user could then simply edit them.

If the FORM uses the POST method, the user can save the page to their hard drive, edit the source to change the values, then submit from that edited version of the page.

Short answer -- Yes people can see and change values in "hidden" form variables.

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://90691]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others wandering the Monastery: (6)
As of 2024-04-25 15:24 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found