I can't crack my customer's across the knuckles! Seriously, does no one else think that is a security issue for any user to be able to overwrite the url and get to hidden forms?
Janet Mahan Network Systems Administrator II EMBARQ Voice: 941-766-6199 | Wireless: 321-356-0128 | Fax: 941-766-6199 Email: [EMAIL PROTECTED] Voice | Data | Internet | Wireless | Entertainment This e-mail is the property of EMBARQ and may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender and delete all copies of the message. ________________________________ From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Rick Cook Sent: Wednesday, November 28, 2007 5:45 PM To: [email protected] Subject: Re: mid tier lock down URL ** Why, what could be simpler than a ruler across the knuckles, administered as necessary? ;-) Seriously, my preference would be to simply report this person for violation of whatever IT policy prohibits such actions. That's assuming that (s)he is causing some problem by doing so. Rick On 11/28/07, Mahan, Janet L [EQ] <[EMAIL PROTECTED]> wrote: ** Is there a simple way for someone that doesn't know a lot about creating/modifying web pages to keep users from changing the URL in the mid-tier and going directly to a form that they have hidden access to?????? Janet Mahan Network Systems Administrator II EMBARQ Voice: 941-766-6199 | Wireless: 321-356-0128 | Fax: 941-766-6199 Email: [EMAIL PROTECTED] Voice | Data | Internet | Wireless | Entertainment This e-mail is the property of EMBARQ and may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender and delete all copies of the message. __20060125_______________________This posting was submitted with HTML in it___ __20060125_______________________This posting was submitted with HTML in it___ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are"
