aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Framework/Servers/HttpServer
diff options
context:
space:
mode:
authorMelanie2010-10-02 20:11:43 +0100
committerMelanie2010-10-02 20:11:43 +0100
commit6fc1ceb2ee3888edae6e99fcbf59e79910058cc9 (patch)
tree2541691f927a999c67847493e1997679d2c51495 /OpenSim/Framework/Servers/HttpServer
parentReapplying the parts of the prior revert that were not derived from the (diff)
downloadopensim-SC_OLD-6fc1ceb2ee3888edae6e99fcbf59e79910058cc9.zip
opensim-SC_OLD-6fc1ceb2ee3888edae6e99fcbf59e79910058cc9.tar.gz
opensim-SC_OLD-6fc1ceb2ee3888edae6e99fcbf59e79910058cc9.tar.bz2
opensim-SC_OLD-6fc1ceb2ee3888edae6e99fcbf59e79910058cc9.tar.xz
So, the client can have an old idea of the object properties for the object when it goes to buy. This can cause a problem in the buy process. Additionally Hazim mentioned that the buy packets are spoofable. The core modules are the crowing glory example of best practice :P, so therefore, setting the example here, Validate Client sent Buy Data. WebAppSecurity 101, Never trust a client. Validate Validate Validate! Or you'll have problems whether intentional or not.
Diffstat (limited to 'OpenSim/Framework/Servers/HttpServer')
0 files changed, 0 insertions, 0 deletions