OT: Web page source code
Fairlight
fairlite at fairlite.com
Tue Aug 12 10:15:57 PDT 2008
With neither thought nor caution, Jose Lerebours blurted:
>
> There are some products that claim to compile your HTML thus
> protecting it from prying eye - Just google "compile HTML" and
> peruse through the results.
What are you on, Jose? You want to look at 'encrypt html', not compile.
The compilers will do things like make .chm files for eBooks, or standalone
executables--not make something usable on the web.
> That said, if you are concerned about your HTML code, I say STOP writing
> web pages and stick to filePro. Your true concern should lie on you
> server side scripting or your CGI scripts. HTML is nothing anyone would
> be interested. Except of course for the very newbies that have no clue
> and even then they are likely to take advantage of pages written by pros
> (since you are using front page 2K2, hints me you are not a pro - no
> offense intended).
>
> In the other hand, if you are worried because you are posting hidden
> fields and are concerned about revealing this content, you are then using
> the wrong approach.
And again, what are you on? There's nothing inherently wrong with CGI.
A -properly- designed application need not divulge any field information
than necessary--use sessioning and transfer only the fields you absolutely
need to come from the client side, keeping the rest on the server side to
be looked up via the session ID you transfer back and forth. As for data
security in general, that's what SSL is for.
Just -don't- use fPCGI. THAT would be a security nightmare unless you get
well away from their default configuration.
I haven't seen this much fear, uncertainty, and doubt put forth in quite
some time, Jose. Geez. Do some research. And talking about CGI security
is really rich from someone that touts PHP--arguably the biggest security
nightmare to come forth in the last decade. I got a good laugh out of the
irony, thanks.
mark->
More information about the Filepro-list
mailing list