Re: SSL & ASP Code ??

From: David Wang [Msft] (someone@online.microsoft.com)
Date: 02/28/03 

From: "David Wang [Msft]" <someone@online.microsoft.com>
Date: Fri, 28 Feb 2003 02:10:35 -0800

The code in question isn't worth fretting about. Incidentally, also allows
your site to be used in a Cross Site Scripting attack, so I wouldn't deem it
as secure in the least. It simply makes a 302 redirection of the opposite
kind based on whether the request is secure or not.

So, I think you are really just asking about how to use the ASP Include
directive to include another script content because after that, invoking any
functions inside that script content is a straightforward function call.

Note that with <!-- #INCLUDE FILE="secure.inc" --> , secure.inc must be in
the same directory as the ASP page, which is far from secure as well. 

--
//David
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Wayne & Carr" <NoSpam@spam.net> wrote in message
news:#e0otbv3CHA.2644@TK2MSFTNGP11.phx.gbl...
Hello All;
At the following link, is a code that allows you to make a call to a file,
that with the
[   call MakeSecure() ] <-- Function.
I have never dealt with ASP code like this before, And am having trouble
with how to create the file??
(I created the file as a "secure.inc" and made this call <!--#INCLUDE
FILE="secure.inc"--> ) But this will not work. And it says to make the
proper call that you want, Like if you want the visitor to be in a secure
page. Then
Call MakeSecure()
But where and how to put it??
http://www.itworld.com/nl/asp_tutor/01292001/
Please someone take a look at this, I would really like to implement this
into my pages, And I think that with this, I should be able to set up my
"Test Secure Order Page"
Please help someone.
Thank You
Wayne
--
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Wayne & Carr Barron
Carrz-Fox-Fire Promotions..
http://www.carrz-fox-fire.com
Delphi Fire Security Resources Site...
http://delphi.carrz-fox-fire.com
Eric Carr Tribute
http://eric-carr.carrz-fox-fire.com
Carrz DreamMaster {Web & Graphics Programming}
http://www.carrz-dreammaster.com
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Relevant Pages

  • Re: Password Script
    ... Our script calculates a random password based on a pattern ("Cvccvc" would ... Adding randomized values and outputting the final result to a secure text ...
    (microsoft.public.windows.server.scripting)
  • Re: Receiving Secure FP Web Form Data
    ... I think what you are looking for is a form.CGI to file script which, ... syntax for the form posted on a secure URL: ... FormCGI takes form input and emails you or writes out to a file, ... Using FormCGI to accept file attachments: ...
    (microsoft.public.frontpage)
  • Re: Enabling telnet, ftp, pop3 for root...
    ... I meant, in your words, 'secure enough'. ... Any script kiddie can attack vulnerabilities in your knockd (or whatever ... that's security by obscurity" When I was securing a port by SHUTTING ...
    (alt.os.linux)
  • Re: Must-have Active Directory Tools
    ... secure and organized AD. Can't believe anyone would consider it a must have tool. ... Joe Richards Microsoft MVP Windows Server Directory Services ... It is plain awesome, and miles above using a plain ol VB script. ...
    (microsoft.public.windows.server.active_directory)
  • Secure access to a SQL Server database
    ... securely accessing SQL Server. ... script text, computer launched from, user launching. ... the hash value that gets authenticated against the secure table. ... ASP Currently we use SQL Server authentication and stuff something in a ...
    (microsoft.public.sqlserver.security)
Loading