Input setting password can not be secrect? Can it be sent back to creater!

Tao Guan

Пользователь
Регистрация
24.05.2018
Сообщения
73
Благодарностей
0
Баллы
6
Hello,
When I use input setting, I create password input form.
When I sell this project to my customer, when he fill password by input setting, I can get his password by http get/post. My customer ask me how about this situtation? Password can not be secret???!!!
Thank you!
 

VladZen

Administrator
Команда форума
Регистрация
05.11.2014
Сообщения
22 457
Благодарностей
5 913
Баллы
113

Tao Guan

Пользователь
Регистрация
24.05.2018
Сообщения
73
Благодарностей
0
Баллы
6

VladZen

Administrator
Команда форума
Регистрация
05.11.2014
Сообщения
22 457
Благодарностей
5 913
Баллы
113
I don not want their password honestly, but I just have a try. If my customer ask this question, how can I answer to him?"I can't get your password", doesn't he believe?
This is not a big deal...Password in Input settings is just to access the project, not whole program. If you sell project to zennobox, project is usually encrypted to access only for this user without any password, and if to zennoposter, you can also give permissions access to certain users. I don't see any point in using password.
 

Tao Guan

Пользователь
Регистрация
24.05.2018
Сообщения
73
Благодарностей
0
Баллы
6
This is not a big deal...Password in Input settings is just to access the project, not whole program. If you sell project to zennobox, project is usually encrypted to access only for this user without any password, and if to zennoposter, you can also give permissions access to certain users. I don't see any point in using password.
Actually, I create a project and this project need website password, so I add Input setting to user to input.
I save this password into Viariable "marathonbet_password".
And then user uses my project, he fill in password input, then his password will be save into Viariable "marathonbet_password", right?
When I write HTTP get/post in the project, which can sent the Viariable "marathonbet_password" back to me, right?
So....the question is that some user can think about this question.....
 

VladZen

Administrator
Команда форума
Регистрация
05.11.2014
Сообщения
22 457
Благодарностей
5 913
Баллы
113
Actually, I create a project and this project need website password, so I add Input setting to user to input.
I save this password into Viariable "marathonbet_password".
And then user uses my project, he fill in password input, then his password will be save into Viariable "marathonbet_password", right?
When I write HTTP get/post in the project, which can sent the Viariable "marathonbet_password" back to me, right?
So....the question is that some user can think about this question.....
This should be prevented on your side, don't make such http requests and steal user passwords!)
As workaround, I can suggest you adding WaitForUserAction option, which allows to open browser instance for some time and perform manual actions. in it.
Thus, user can enter password manually on a website.
 

Tao Guan

Пользователь
Регистрация
24.05.2018
Сообщения
73
Благодарностей
0
Баллы
6

Кто просматривает тему: (Всего: 1, Пользователи: 0, Гости: 1)