0
indyz

IP address instead of hostname

By indyz, in Error and Bug Reports

Recommended Posts

indyz    1

indyz
On some links (i.e., the "Dropzone" link on the forums footer, and the Javelin ad, among others), the IP address of the server is shown, instead of the hostname. This isn't really a problem except you have to log in again if you follow one of those links because the cookies aren't passed.
On a related security note, passing a username and password as plaintext in cookies is a _bad_ idea. They can be very easily recovered from a user's cookie file. If the system is designed properly, only the "sid" cookie (and possibly the "Username" cookie) should be necessay.
--
Brian

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
0
Go To Topic Listing