Fedora Security and the Uverse 3800HGV-B router
JD
jd1008 at gmail.com
Sun Jul 3 01:31:28 UTC 2011
On 07/02/2011 06:25 PM, Reindl Harald wrote:
>
> Am 03.07.2011 03:18, schrieb JD:
>
>> Quote:
>> /" ...Javascript/ is a client language, but you /can/ combine it whit a
>> server language to /delete files/. in PHP you /can/ use unlink()
>> function to /delete file/. *...*"
>> http://digitarald.de/forums/topic.php?id=110
> and this is the best example why you should be quite!
>
> in PHP you can delete files FROM THE SERVER
>
> but javascript does run in the client and so it can do this only
> if somebody puts a script on the server which allows delete files
> and does not sanitize parameters - but for what whould i need
> javascript in this case? to navigate to the url? to delete files
> from the server has NOTHING to do with javascript
>
> so what will you tell us?
> that you are a noob and picking some documents you do not understand?
> everybody here has realized this long ago!
>
And you ignore:
"...JavaScript has a more troubling history of security holes...."
http://www.w3.org/Security/Faq/wwwsf2.html
More information about the users
mailing list