[horde] Security related.

Chuck Hagenbuch chuck at horde.org
Tue May 22 14:54:36 UTC 2007

Quoting Anant Athavale <asa at isac.gov.in>:

>> Nope. He's just using VB like a browser. He can't do anything you
>> can't do from a browser.
> but, how does the session is maintained?

Either by passing the cookie or by putting the session id in the URL.  
You can disable URL-based sessions if it's the latter and you don't  
mind requiring your users to enable cookies.

> It was in my sent mail.  I do not know, how it missed in the list.   
> Attaching again.

The list allows a very limited set of attachment types to prevent spam.


More information about the horde mailing list