ApacheWeek: Issue 205 30th June 2000

By ServerWatch Staff (Send Email)
Posted Jun 30, 2000


In this issue: Book Review: Administering Apache, In the news, Featured articles and Ooops.

"MySQL goes open-source
VA Linux and MySQL have joined forces to make MySQL an open-source technology. The idea is to help accelerate development and use of the popular database query language - one of the most popular for Linux. This means MySQL has become available under the GPL allowing programmers from around the globe to contribute to the development of the project. MySQL can be integrated easily with Apache, and PHP provides a perfect interface between the two...." In this issue: Book Review: Administering Apache, In the news, Featured articles and Ooops.

"Ooops
Thanks to the eagle-eyed readers who spotted the problems with one of the articles that we featured in last weeks Apache Week (issue #204). In part two of "Learning Perl/CGI for Apache," Geeks404 give a CGI script that displays data passed in from a form. However as we reported in February, (issue #188), without proper encoding when displaying entered data, users can embed malicious HTML tags. This type of attack can be used, for example, to steal users cookies."

Page 1 of 1


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.