[cgiapp] LinkIntegrity vs ValidateQuery plugin?
Ron Savage
ron at savage.net.au
Thu Apr 16 18:32:49 EDT 2009
Hi Mark
On Tue, 2009-04-14 at 22:59 -0700, Mark Fuller wrote:
> On Tue, Apr 14, 2009 at 8:16 AM, Mark Stosberg <mark at summersault.com> wrote:
> >
> > However, only validation can check if in fact I have all parameters I
> > need in the right format. That protects against the case where my
> > application generates a link with a valid checksum, but somehow has the
> > wrong data in it. If I skipped validation in the receiving run mode, I
> > open myself up for a garbage-in/garbage-out problem, or perhaps worse.
>
> Wouldn't this be best solved by storing the links (or the checksum for
> a link) in a session? When they perform their next activity, the
> runmode checks to see if it (and the parameters on the URL) was one of
> the expected run modes when the previous page was displayed?
That sounds like a great idea. I'm not sure about the size of sessios,
though. Perhaps that's the sort of thing to be put in a db table, or a
BerkeleyDB table.
--
Ron Savage
ron at savage.net.au
http://savage.net.au/index.html
More information about the cgiapp
mailing list