Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
icon4.gif   password encryption, posted by Alex H on Fri May 20 14:40:12 2005 password.gif
    icon4.gif   Re: password encryption, posted by Stefan Ritt on Fri May 27 14:48:05 2005 
       icon12.gif   Re: password encryption, posted by Alex H on Mon May 30 10:01:14 2005 
    icon2.gif   Re: password encryption, posted by Gary Clayson on Mon May 30 19:18:34 2005 
       icon2.gif   Re: password encryption, posted by Emiliano Gabrielli on Mon May 30 19:56:01 2005 
          icon2.gif   Re: password encryption, posted by Stefan Ritt on Mon May 30 20:16:11 2005 
             icon14.gif   Re: password encryption, posted by Alex H on Tue May 31 09:07:37 2005 
    icon2.gif   Re: password encryption, posted by Stefan Ritt on Sat Jun 4 14:00:17 2005 
Message ID: 1163     Entry time: Mon May 30 20:16:11 2005     In reply to: 1162     Reply to this: 1164
Icon: Reply  Author: Stefan Ritt  Author Email: stefan.ritt@psi.ch 
Category: Request  OS: Windows  ELOG Version: 2.5.8-6 
Subject: Re: password encryption 

Emiliano Gabrielli wrote:

I don't have double checked .. but .. why we need to pass the sensible information in the Query String ??
Are you sure that putting it in an hidden field (and eventualli using a GET methon in the <form>-tag) can't be a solution?


Hidden means only these fields are not shown in the form, but they are added to the URL in the same way as non-hidden fields. But I got another idea: I will try to use a POST form instead of the GET form. Using the POST method, fields are attached to the request and not present in the URL. Hope this will work. When I find some time to work on it I will let you know.
ELOG V3.1.5-3fb85fa6