I'm wondering if there is a filter available that can check if a session parameter was created from the same IP as the incoming request? I'm trying to address the emailing of URLs by my users, and having them dropped into a running session. Would using SSL be a better solution?

Wondering what others are doing to prevent this.

--
~JT
_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

WAProtectionFilter

-Boris

-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf Of John Toohey
Sent: Wednesday, November 23, 2011 12:27 PM
To: Seaside - general discussion
Subject: [Seaside] Protecting URLs

Do I need to do anything besides configure my app with that filter? Not finding much help on Google searching for it.

On Wed, Nov 23, 2011 at 12:28, Boris Popov, DeepCove Labs <[hidden email]> wrote:
> WAProtectionFilter
>
> -Boris

--
~JT

In my session component I added this :-

    initialize
        |f|
        super initialize.
        f := WAProtectionFilter new.
        self addFilter: f.

I had to upload my image to my remote servers to test the filter, but now all I get is a Forbidden message whenever anyone tries to login. Is there more that I need to do to use this filter?

On Wed, Nov 23, 2011 at 12:42, John Toohey <[hidden email]> wrote:
> Do I need to do anything besides configure my app with that filter?
> Not finding much help on Google searching for it.

--
~JT

I created my own filter, as my SS apps are behind an nginx proxy. The WAProtectionFilter always compares the x-forwarded-for header from the initial request, to the current one, which is always the proxy's IP. I changed the filter to compare the stored IP to the current x-forwarded-for IP.

On Wed, Nov 23, 2011 at 15:18, John Toohey <[hidden email]> wrote:
> In my session component I added this :-
>
>     initialize
>         |f|
>         super initialize.
>         f := WAProtectionFilter new.
>         self addFilter: f.
>
> I had to upload my image to my remote servers to test the filter, but
> now all I get is a Forbidden message whenever anyone tries to login.
> Is there more that I need to do to use this filter?

--
~JT

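The check described in the last message, modelled as an added Python example (not Seaside code and not from any poster in this thread): a session is bound to the client address seen on its first request, and behind a reverse proxy that address is taken from X-Forwarded-For only when the connection really comes from the proxy. The proxy address `10.0.0.5` and the names `TRUSTED_PROXIES`, `client_ip` and `SessionIpBinding` are hypothetical, and the proxy is assumed to append the connecting address to the header.

```python
import ipaddress

# Assumption: the reverse proxy (e.g. nginx) connects from this address.
TRUSTED_PROXIES = {ipaddress.ip_address("10.0.0.5")}  # constructed value


def client_ip(peer_addr, xff_header):
    """Return the address a session should be bound to.

    The header is honoured only when the TCP peer is a trusted proxy, and it
    is read right to left: the rightmost entries were appended by our own
    proxies, anything further left was supplied by the client.
    """
    peer = ipaddress.ip_address(peer_addr)
    if peer not in TRUSTED_PROXIES or not xff_header:
        return peer
    for hop in reversed(xff_header.split(",")):
        try:
            addr = ipaddress.ip_address(hop.strip())
        except ValueError:
            return peer  # malformed entry: fall back to the peer address
        if addr not in TRUSTED_PROXIES:
            return addr
    return peer


class SessionIpBinding:
    """Remembers the client address of the first request of a session."""

    def __init__(self):
        self.bound = None

    def allows(self, peer_addr, xff_header=None):
        current = client_ip(peer_addr, xff_header)
        if self.bound is None:
            self.bound = current       # first request creates the binding
            return True
        return current == self.bound   # False -> answer 403 Forbidden
```

Users behind the same NAT or outbound proxy share one address, so this check narrows the emailed-URL case rather than closing it.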