diff options
author | Melanie | 2010-10-02 20:11:43 +0100 |
---|---|---|
committer | Melanie | 2010-10-02 20:11:43 +0100 |
commit | 6fc1ceb2ee3888edae6e99fcbf59e79910058cc9 (patch) | |
tree | 2541691f927a999c67847493e1997679d2c51495 /OpenSim/Region/UserStatistics/ActiveConnectionsAJAX.cs | |
parent | Reapplying the parts of the prior revert that were not derived from the (diff) | |
download | opensim-SC_OLD-6fc1ceb2ee3888edae6e99fcbf59e79910058cc9.zip opensim-SC_OLD-6fc1ceb2ee3888edae6e99fcbf59e79910058cc9.tar.gz opensim-SC_OLD-6fc1ceb2ee3888edae6e99fcbf59e79910058cc9.tar.bz2 opensim-SC_OLD-6fc1ceb2ee3888edae6e99fcbf59e79910058cc9.tar.xz |
So, the client can have an old idea of the object properties for the object when it goes to buy. This can cause a problem in the buy process. Additionally Hazim mentioned that the buy packets are spoofable. The core modules are the crowing glory example of best practice :P, so therefore, setting the example here, Validate Client sent Buy Data. WebAppSecurity 101, Never trust a client. Validate Validate Validate! Or you'll have problems whether intentional or not.
Diffstat (limited to 'OpenSim/Region/UserStatistics/ActiveConnectionsAJAX.cs')
0 files changed, 0 insertions, 0 deletions