Joined: 25 Jan 2005 Posts: 0 Location: Somewhere in the cold, frozen north (Anchorage, AK)
Posted: Wed Jan 26, 2005 9:08 pm Post subject: MySQL connection string in HTML::Mason errors
Does anyone have experience with HTML::Mason in an Apache/MySQL application? I'm a Mason noob, and here's the problem I am trying to solve:
When there is an error in a web page generated with HTML::Mason, Apache coughs up a few lines of code in the error message. As long as that code doesn't occur in the beginning of the program, that's not *too* much of a security issue, but when it occurs near the connection string that creates the database handle, the security implications become much more frightening, since the connection string contains the database server name, user name and password to connect to the MySQL database.
I can think of two ways to work around this problem:
1) Don't use a password to connect to the database (YIKES!);
2) Offset the connection string from the rest of the code by enough whitespace to prevent HTML::Mason/Apache from displaying the connection string.
Neither one of these work arounds are ideal, #1 for obvious reasons, and #2 because it doesn't solve the problem--just the symptom. Besides, I don't necessarily want other parts of my code dumped to the web page, anyway. Is there any way to prevent HTML::Mason from displaying code once a page is live on the Internet?
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
Featured Links*
Looking for more Windows Networking info?
Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing! View a sample newsletter.
Become a WindowsNetworking.com member!
Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!