cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Jones <>
Subject sql taglib security problem?
Date Tue, 06 Jun 2000 19:33:45 GMT
I noticed that if the the database is down, <query>
tags get expanded into the enclosed query string,
rather than an error message. This seems like a
security risk, maybe it should be more like the oracle
xsql tags that print an error message instead, like:

Oracle XSQL Servlet Page Processor
XSQL-007: Cannot acquire a database connection to
process page.
ORA-01034: ORACLE not available


Do You Yahoo!?
Yahoo! Photos -- now, 100 FREE prints!

View raw message