Archive for October, 2007

Security Updates for CGI posts

Saturday, October 27th, 2007

Added a Check post URI function to all CGI files, and Added 2 methods of security to main Output CGI files to check for un-authorised DOM elements, etc.

The security is ‘very basic’, and – the POST page could/should be automated (as with $$$ quote button in KitCADi3) with a “loading screen” while performing the POST, hidden textfield or form element, etc.

The Canvas output for KitCADi3 contains the biggest hole (and may be modified like the wpfe output).