Set security to ewbv11.asp

Set security to ewbv11.asp

Postby alainpp » Thu Jan 22, 2015 10:41 am

It would be nice and more secure to be able to set permission to the file (ewbv11.asp) that handle the ability to show the attachments:

I think that the minimum security is to be able to specify if login is required to view any file.


Your application require login to show any type of content / information. You have a table or several tables where you upload files/pictures. The problem is that if someone access this file:

www domain dot com/ewbv11.asp?fn=uploads/picture.jpg

They would be able to see the picture/attachment even if they are not logged in.
Posts: 51
Joined: Tue Apr 02, 2013 8:01 pm

Return to Feature Requests (ASPMaker)