[Chameleon] Security (Password visible)?
Julien-Samuel Lacroix
jlacroix at dmsolutions.ca
Mon Apr 12 12:46:04 EDT 2004
Hi,
The best (and cleaner) way to avoid this, I think, is to build your own
widget on the top of the SQLQuery one. So in this new widget you will be
able to specify the user/password. You can also put your templates in a
directory that is not web-visible. With Chameleon 1.1, your service
instance loads the template, so it does not have to be web-visible.
Julien
pxniw pxniw wrote:
> I am using SQLQuery widget, and wondering why the
> password has to be visible right on the .html source.
>
> I.e. if some one knows where .html page is and then
> just look for source they will see:
>
> <CWC2 Type="SQLQuery" SharedResourceName="MyResult"
> SQLQuery="SELECT * FROM test" Server="localhost"
> Database="testdb" USERNAME="testuser"
> PASSWORD="testpass"/></cwc2>
>
> Any suggestions how to prevent this?
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Tax Center - File online by April 15th
> http://taxes.yahoo.com/filing.html
> _______________________________________________
> Chameleon mailing list
> Chameleon at lists.maptools.org
> http://lists.maptools.org/mailman/listinfo/chameleon
>
--
------------------------------------------------------------
Julien-Samuel Lacroix jlacroix at dmsolutions.ca
DM Solutions Group http://www.dmsolutions.ca/
------------------------------------------------------------
More information about the Chameleon
mailing list