Archive of UserLand's first discussion group, started October 5, 1998.
scriptingNews outline for 5/9/2000
Author: Dave Winer Posted: 5/9/2000; 6:53:42 AM Topic: scriptingNews outline for 5/9/2000 Msg #: 17121 Prev/Next: 17120 / 17122
Zope discovers a browser security hole
Zope.Org posts a security alert of concern to users of all Web applications, including Manila. We're studying it now.
We believe there is a way to work around it using the Referer attribute of an HTTP request. If you want to be safe, and you have a Manila site, either log off the site, or don't visit any sites that might not be friendly. I know that's not very helpful. We'll post more advice here as we figure it out.
Second line of defense, in your Manila site, in the Editors Only menu, click on Prefs, then Legal Tags. Make sure the