[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev '\' reloading documents

From: Leonid Pauzner
Subject: Re: lynx-dev '\' reloading documents
Date: Sat, 31 May 2003 13:19:45 +0400 (MSD)

31-May-2003 10:59 Henry Nelson wrote:
>> > But it isn't only cached to memory. SOURCE_CACHE can be set to "FILE".
>> > If we are to cache secure documents, we should make sure that the file
>> > is as secure as is reasonably possible.
>> Yes. But while we are talking to https the secure content is _usually_ sent
>> in a single direction, from client to server (POST data, with passwords
>> etc.), so it will not be compromised by source_cache.

> I think what's been bothering me about source_cache and an https form
> is not so much the data itself, but rather whether or not (I do not know;
> that's why I'm asking.) the action of the form could become corrupted
> somehow.  In other words, could data supplied to the source_cached form
> end up going to the wrong server or an unintended recipient or script?

Source_cache just keep text/html reply from the server (without headers),
nothing more.

If someone have write access to your temp files, then source_cache:file
may be corrupted.  With source_cache:memory no corruption possible.

> Or is a source_cached form in no (100%) way different from a direct-
> rendered form that Lynx would have to refresh to change its rendering?
> For example, say you fetched a form, then took one of the actions
> discussed, like ', ", `, * or @, and then submitted your data using
> the modified rendering of the form.  Is it guaranteed that the data
> will go to where it's supposed to and the intended action will be
> taken on it?  Is it guaranteed that the server's action will be
> prepared to handle the data supplied to it?

> __Henry

> ; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]