[Nitro] Security problems

James Britt james_b at neurogami.com
Fri Nov 11 09:57:25 EST 2005


Emmanuel Piperakis wrote:
>>Dear devs,
>>
>>I am wondering if anyone has found (or can find) any security problems
>>with Nitro. Moreover, If anyone can suggest any common security
>>measures that could be wrapped in a controller helper/aspect I would
>>like to know. Even urls for (authoritive) articles regarding web site
>>security would be helpful.
> 
> 
> I am not sure if this can be done already, but I would like the path to be 
> hidden. I would like to show only the main page URI. I think it is a 
> security problem if a user sees things like http://myhost.com/project/1
> 
> The users might type /2 by himself...

I see that as a feature, not a bug.


James




More information about the Nitro-general mailing list