[imp] Faking the login

Milos Prudek milos.prudek@tiscali.cz
Wed, 09 Jan 2002 20:12:05 +0100

Previous message: [imp] Faking the login
Next message: [imp] Faking the login
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Barry Flanagan wrote:
> 
> On Wednesday 09 January 2002 17:32, you wrote:
> > Hello.
> >
> > Does anyone know if I can "fake" a login to IMP like I could with
> > "remote_login.php3" in PHP 2, by passing the appropriate variables to the
> > script somehow.
> >
> 
> Use imp/redirect.php as your form ACTION, and post hidden vars 'imapuser' and
> 'pass'

This will work, but it is a security risk (unless all visitors are
inside intranet).

The hidden vars appear in page source, and consequently on any
(transparent) cache on the way.

--
Milos Prudek

Previous message: [imp] Faking the login
Next message: [imp] Faking the login
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]