[TYPO3-english] Security non sense in felogin ?
Tonix (Antonio Nati)
tonix at interazioni.it
Mon Sep 27 18:28:56 CEST 2010
I'm examining felogin (TYPO3 4.2), and I see each time it publishes an
hidden field with the storage PID of users.
Is there any reason to publish such information on website, when there
are dozens of ways to pass the information to plugin?
If I force a logout, adding a simple logintype=Logout, without pid
field, it works without problems. So why adding this internal information?
Regards,
Tonino
--
------------------------------------------------------------
Inter at zioni Interazioni di Antonio Nati
http://www.interazioni.it tonix at interazioni.it
------------------------------------------------------------
More information about the TYPO3-english
mailing list