From: tomas@tuxteam.de
To: Mike Gerwitz <mtg@gnu.org>
Cc: guile-user@gnu.org
Subject: Re: mailmam, web bridge, forum, p2p
Date: Sun, 27 Oct 2019 09:36:18 +0100 [thread overview]
Message-ID: <20191027083618.GD27935@tuxteam.de> (raw)
In-Reply-To: <87zhhmssfq.fsf@gnu.org>
[-- Attachment #1: Type: text/plain, Size: 2767 bytes --]
On Sun, Oct 27, 2019 at 12:50:17AM -0400, Mike Gerwitz wrote:
> To make sure I see replies, please include me in the recipient list (not
> just the mailing list). I missed this at first.
>
> On Sat, Oct 26, 2019 at 09:48:37 +0200, tomas@tuxteam.de wrote:
> >> Passing session tokens via GET requests is a bad idea, because that
> >> leaks the token.
> >
> > Even in https?
Thanks for this complete account. I appreciate it very much!
> Transport is only part of the problem.
> Query parameters are also leaked to webserver access logs;
That's true -- but I'd call that "category B". The server realm
is full with sensitive data, and the logs are part of that.
> they can leak to 3rd party logs via the referrer header (I
> sometimes see sensitive data in my webserver logs from other
> domains);
That's more serious ("category A") -- third parties get to look
into sensitive data. The application has to take care of links
pointing to the "outside".
If we're trying to pull off this, we'll have to think hard
about this one.
> they're retained in browser history and written to disk;
Again "category B". The browser's cookie jar is, after all,
also there for all to see. As a forensics analyst or a data
"thieve", I'd take with me the whole browser subdir, anyway.
> may show up in proxy logs (e.g. when passing through load
> balancers); could be easily pasted unwittingly to third parties (e.g. a
> user sharing a link with someone else); etc.
Only for plain http (unless it's one of those corporate proxies
with an "open-all" root certificate, that is).
> Back in what feels like a previous lifetime by now, I used to do a lot
> of work with phpBB2, which had an option to either store sessions in
> cookies or place PHPSESSID in the URL. It modified every link to
> include a session id. It tried to mitigate the issue by checking the
> source IP address, but if you were logged on the same network (e.g. in
> the same place of employment; school; library; etc), then sharing a link
> would lead to session hijacking.
This all is in the context of plain http, I guess.
> Such link rewriting schemes also cause other types of problems. For
> example, you may be able to cache most of the generated HTML (except for
> e.g. the header) regardless of what user is logged in. But if you have
> to inject tokens into all links, that type of caching isn't useful.
Yes. But this has lost most of its bite in the last decade or
so. Machines have increased in power (speed, RAM) faster than
the network. Apart from really high-volume sites, where you
start thinking about load balancers, CDNs, etc. I think a bit
of server-side template substitution will drown in the noise.
Cheers
-- t
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
next prev parent reply other threads:[~2019-10-27 8:36 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-20 6:10 Diversification [ branched from Re: conflicts in the gnu project now affect guile] Todor Kondić
2019-10-20 6:14 ` John Cowan
2019-10-21 6:35 ` Arne Babenhauserheide
2019-10-21 13:45 ` Amirouche Boubekki
2019-10-23 6:16 ` Amirouche Boubekki
2019-10-23 6:27 ` Nala Ginrut
2019-10-23 6:48 ` pelzflorian (Florian Pelz)
2019-10-23 10:37 ` Chris Vine
2019-10-23 11:25 ` pelzflorian (Florian Pelz)
2019-10-23 12:33 ` pelzflorian (Florian Pelz)
2019-10-23 13:47 ` tomas
2019-10-23 14:10 ` pelzflorian (Florian Pelz)
2019-10-23 19:09 ` Mikael Djurfeldt
2019-10-23 19:26 ` pelzflorian (Florian Pelz)
2019-10-23 19:19 ` Zelphir Kaltstahl
2019-10-24 1:01 ` Nala Ginrut
2019-10-24 9:19 ` pelzflorian (Florian Pelz)
2019-10-24 9:35 ` mailmam, web bridge, forum, p2p (was: Diversification) Amirouche Boubekki
2019-10-24 12:30 ` pelzflorian (Florian Pelz)
2019-10-24 14:15 ` Nala Ginrut
2019-10-24 16:39 ` Zelphir Kaltstahl
2019-10-24 23:42 ` Nala Ginrut
2019-10-25 1:39 ` mailmam, web bridge, forum, p2p Mike Gerwitz
2019-10-26 7:48 ` tomas
2019-10-26 10:35 ` Nala Ginrut
2019-10-26 11:34 ` tomas
2019-10-27 4:50 ` Mike Gerwitz
2019-10-27 5:32 ` Mike Gerwitz
2019-10-27 8:50 ` tomas
2019-10-27 8:36 ` tomas [this message]
2019-10-27 14:26 ` Keith Wright
2019-10-27 19:28 ` Zelphir Kaltstahl
2019-10-25 6:08 ` mailmam, web bridge, forum, p2p (was: Diversification) pelzflorian (Florian Pelz)
2019-10-25 6:23 ` Nala Ginrut
2019-10-26 4:31 ` mailmam, web bridge, forum, p2p Mike Gerwitz
2019-10-26 9:35 ` pelzflorian (Florian Pelz)
2019-10-26 11:31 ` tomas
2019-10-24 13:32 ` mailmam, web bridge, forum, p2p (was: Diversification) tomas
2019-10-24 15:03 ` Nala Ginrut
2019-10-24 15:12 ` tomas
2019-10-24 16:35 ` Zelphir Kaltstahl
2019-10-26 8:04 ` tomas
2019-10-26 9:42 ` pelzflorian (Florian Pelz)
2019-10-26 11:31 ` tomas
2019-10-25 11:30 ` Mikael Djurfeldt
2019-10-25 12:53 ` Nala Ginrut
2020-09-05 6:15 ` Diversification [ branched from Re: conflicts in the gnu project now affect guile] Joshua Branson via General Guile related discussions
2020-09-05 11:50 ` Web development Zelphir Kaltstahl
2020-09-05 13:09 ` Ricardo Wurmus
2019-10-28 11:04 ` mailman web interface (was: Diversification) pelzflorian (Florian Pelz)
2020-07-08 12:32 ` pelzflorian (Florian Pelz)
2020-09-05 6:21 ` mailman web interface Joshua Branson via General Guile related discussions
2020-09-05 7:53 ` pelzflorian (Florian Pelz)
2020-09-05 13:32 ` Joshua Branson
2019-10-23 13:43 ` Diversification [ branched from Re: conflicts in the gnu project now affect guile] tomas
2019-10-23 17:39 ` Chris Vine
2019-10-23 19:58 ` Mailman web interface [was: Re: Diversification] pelzflorian (Florian Pelz)
2019-10-23 20:02 ` Diversification [ branched from Re: conflicts in the gnu project now affect guile] pelzflorian (Florian Pelz)
2019-10-26 8:14 ` tomas
2019-10-26 9:03 ` pelzflorian (Florian Pelz)
2019-10-26 11:26 ` tomas
2019-10-26 13:02 ` Zelphir Kaltstahl
2019-10-26 15:23 ` tomas
2019-10-26 16:47 ` pelzflorian (Florian Pelz)
2019-10-26 17:09 ` pelzflorian (Florian Pelz)
[not found] ` <874kzslwq0.fsf@elephly.net>
2019-10-28 15:41 ` pelzflorian (Florian Pelz)
2019-10-23 13:45 ` tomas
2019-10-20 8:07 ` pelzflorian (Florian Pelz)
2019-10-20 8:08 ` pelzflorian (Florian Pelz)
2019-10-22 18:47 ` Mark H Weaver
2019-10-22 19:23 ` Zelphir Kaltstahl
2019-10-22 20:51 ` Arne Babenhauserheide
2019-10-22 23:24 ` Chris Vine
2019-10-23 0:57 ` Zelphir Kaltstahl
2019-10-23 6:44 ` pelzflorian (Florian Pelz)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/guile/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191027083618.GD27935@tuxteam.de \
--to=tomas@tuxteam.de \
--cc=guile-user@gnu.org \
--cc=mtg@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).