Matt Brown's Radio Weblog

Welcome to the Dreamweaver MX Blog. I am the Community Manager for Macromedia Dreamweaver and I work for Macromedia. Come to see what is happening in the community, on the Dreamweaver Team and around the web... Most of all, you get to hear my opinion.
   



  Thursday, December 05, 2002

Tower Records Security hole - c|net - This one is really bad security flaw and the write up tells you how it happened. This is a REALLY good example of having a code review AND a set of best practices that you adhere to ABSOLUTELY.... Lots of caps there, but I think you will agree.

The article...

The problem... They had their order information form set to method="get" and that puts the arguments into the URL. When the user saw that, they could enter different order numbers and volia! They are in another customer's order profile.


2:44:58 PM      comment []

Dreamweaver MX 6.1 update released - In all the excitement of the Contribute and DRK2 Launches, I did not explicitly mention that the bug fix for DMX is in fact avaliable from the MM site. The update fixes a number of bugs. In what I think is utterly counterintuitive though, this update is called the "Dreamweaver Update for Contribute"... Regardless  of the name, you should be installing this update. It fixes some really annoying things that you may run into.
8:56:50 AM      comment []

  © Copyright 2003 Matt Brown.
Last update: 1/1/2003; 9:52:53 AM.

December 2002
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        
Nov   Jan

Matt Brown's Blog
Mike Chambers' Blog
John Dowdell's Blog
Bob Tartar's Blog
Jeremy Allaire's Blog

Gareth Downes-Powell's Site
Dan Short's Blog
Nancy Gill's Blog




Search the Blog


Any word All words Exact phrase
Site Meter