Theiling Online    Sitemap    Conlang Mailing List HQ   

TECH: Caution: Login data in Listserv URLs!

From:Henrik Theiling <theiling@...>
Date:Monday, July 11, 2005, 13:01

Jeffrey Jones <jsjonesmiami@...> writes:
>... > > bin/wa?A2=ind0506b&L=conlang&F=&S=&X=07F1F778B8CE64D603&Y=jsjonesmiami% >
Caution: the new interface encodes login data in the URL, namely the session ID and the login name, so you will probably want to edit the URL before posting it by deleting the X=... and the Y=... values! The session key expires after a while, of course, but when posting, it is probably valid for an hour or so. The URLs log in even if the login cookie is missing! This is very dangerous design in the new Listserv. :-( Be careful! **Henrik