WebApp Sec mailing list archives
Re: advice needed - secure transfer of client details
From: Richard Moore <rich () westpoint ltd uk>
Date: Tue, 02 Nov 2004 13:00:10 +0000
Tim James wrote:
This is a brain teaser. I have an application to review which supplies details from the client's workstation (derived from files on disk, hostname, IP address). It currently implements a Java applet whose job is to obtain these details and send them up to theserver in an ordinary HTTP POST.
You can at least get the IP address at the server end by examining the peer address of the socket the POST request comes in on. Cheers Rich. -- Richard Moore, Principle Software Engineer, Westpoint Ltd, Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England Tel: +44 161 237 1028 Fax: +44 161 237 1031
Current thread:
- advice needed - secure transfer of client details Tim James (Oct 29)
- New Whitepaper - "Second-order Code Injection Attacks" WebAppSecurity [Technicalinfo.net] (Nov 01)
- Re: advice needed - secure transfer of client details Peter Conrad (Nov 01)
- Re: advice needed - secure transfer of client details Ido Rosen (Nov 01)
- Re: advice needed - secure transfer of client details focus (Nov 01)
- Re: advice needed - secure transfer of client details GuidoZ (Nov 01)
- Re: advice needed - secure transfer of client details Alex Russell (Nov 01)
- Re: advice needed - secure transfer of client details Richard Moore (Nov 05)
- <Possible follow-ups>
- RE: advice needed - secure transfer of client details Michael Silk (Nov 01)
- RE: advice needed - secure transfer of client details Scovetta, Michael V (Nov 01)
- RE: advice needed - secure transfer of client details Glenn_Everhart (Nov 05)
- re: advice needed - secure transfer of client details Tim James (Nov 05)