in reply to Re: Hacking "explained"
in thread Filtering potentially dangerous URI schemas in <a href="...">

Funny, I mentioned exactly that example when post-discussing with hackmare. :) Mix the User-Agent with the pw before encrypting and the attacker must use or simulate the exact same browser. Just obscurity, yes, but better than nothing. :)

Using IP, as some would suggest, is generally a bad method, as it changes (sometimes every request) for lots of people.

You have moved into a dark place.
It is pitch black. You are likely to be eaten by a grue.

Replies are listed 'Best First'.
Re^3: Hacking "explained"
by Aristotle (Chancellor) on Oct 22, 2002 at 15:24 UTC
    Yep. In fact, using the IP is even worse when you count in things like proxies (which may be transparent ones to complicate matters further). There are millions of reasons you don't want to be using the IP.

    Makeshifts last the longest.

[reply]

In Section Perl Monks Discussion