[Nitro] Security problems
James Britt
james_b at neurogami.com
Fri Nov 11 09:57:25 EST 2005
Emmanuel Piperakis wrote:
>>Dear devs,
>>
>>I am wondering if anyone has found (or can find) any security problems
>>with Nitro. Moreover, If anyone can suggest any common security
>>measures that could be wrapped in a controller helper/aspect I would
>>like to know. Even urls for (authoritive) articles regarding web site
>>security would be helpful.
>
>
> I am not sure if this can be done already, but I would like the path to be
> hidden. I would like to show only the main page URI. I think it is a
> security problem if a user sees things like http://myhost.com/project/1
>
> The users might type /2 by himself...
I see that as a feature, not a bug.
James
More information about the Nitro-general
mailing list