Cart
|
[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: OT: client vs. server-side validation (was: Are the data u
 On Monday 24 February 2003 17:40, K. Ari Krupnikov wrote: > "Alaric B. Snell" <alaric@a...> writes: > > You can sometimes have fun with shopping sites that use third party > > credit card payment systems by getting to the page that has the form that > > submits to the third party, saving it to disk, editing the hidden fields > > for 'amount' to a smaller number but leaving the order number intact, > > then submitting it. > > I keep hearing it... Have you actually seen this exploited? Don't > implicate yourself, if you had a *friend* who did, that should be > enough to satisfy my curiosity. Not a friend, but a friend of a friend! This was a couple of years ago. Hrm, I think it may have been mentioned in NTK? http://www.ntk.net/ But I've not had any luck getting search terms that pick it up... > > Ari. > ABS -- A city is like a large, complex, rabbit - ARP 
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! 
Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|
|||||||||
