cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Jones <iggyflashb...@yahoo.com>
Subject sql taglib security problem?
Date Tue, 06 Jun 2000 19:33:45 GMT
I noticed that if the the database is down, <query>
tags get expanded into the enclosed query string,
rather than an error message. This seems like a
security risk, maybe it should be more like the oracle
xsql tags that print an error message instead, like:

Oracle XSQL Servlet Page Processor 1.0.0.0
(Production)
XSQL-007: Cannot acquire a database connection to
process page.
ORA-01034: ORACLE not available

-Matt


__________________________________________________
Do You Yahoo!?
Yahoo! Photos -- now, 100 FREE prints!
http://photos.yahoo.com

Mime
View raw message