I just noticed that when I print an invoice from either the 'order' module or the 'super order' module, the path to my admin directory prints at the top of the page, thus exposing the name of my admin directory!!
I am trying to figure out what page controls that, so that I can remove it. Can anyone direct me?
Found the answer... It is controlled by browser settings. I disabled printing the header in the browser and that did it. I do wonder, though, if a code revision could prohibit this in the first place. I wonder how many have noticed this or simply NOT noticed it, and sent out invoices with the path to their admin directory on them. Perhaps this warning should be added to the security setup page .
Thanks
Thread: security loophole??
Results 1 to 2 of 2
-
7 Aug 2006, 08:47 PM #1
Zen Follower
- Join Date
- Feb 2006
- Posts
- 326
- Plugin Contributions
- 0
security loophole??
Last edited by styledata; 7 Aug 2006 at 08:54 PM.
Give us your best shot!
http://www.photoimprints.com
-
7 Aug 2006, 09:58 PM #2
Totally Zenned
- Join Date
- Jan 2005
- Location
- Tennessee
- Posts
- 1,128
- Plugin Contributions
- 0
Re: security loophole??
Good point. I added this subject to the wiki at
http://www.zen-cart.com/wiki/index.p...ecommendations
Similar Threads
-
Pay Pal 10002 Security error - Security header is not valid
By flex67 in forum PayPal Express Checkout supportReplies: 9Last Post: 7 Dec 2010, 08:55 PM -
Shipping Loophole?
By Ambitions in forum General QuestionsReplies: 7Last Post: 9 Jun 2010, 06:45 PM -
10002 Security error - Security header is not valid
By RoutersWholesale in forum PayPal Express Checkout supportReplies: 2Last Post: 13 May 2010, 06:12 AM -
FREE SHIPPING! Loophole?
By sublime19 in forum Built-in Shipping and Payment ModulesReplies: 8Last Post: 30 Mar 2010, 01:32 AM -
10002 Security error - Security header is not valid
By Patrick Sheffield in forum PayPal Express Checkout supportReplies: 7Last Post: 9 Jan 2008, 11:12 AM
