How do I set up and use a "whitelist" for forms?

•

What is DaniWeb IT Discussion Community?

You're currently browsing the Legacy and Other Languages section within the Software Development category of DaniWeb, a massive community of 361,546 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 2,033 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.

Join our community!

Please support our Legacy and Other Languages advertiser:

Thread Tools Display Modes

Views: 231 | Replies: 0

•

Join Date: May 2008

Location: San Diego, California

Posts: 3

Reputation: elaurvick is an unknown quantity at this point

Rep Power: 0

Solved Threads: 1

elaurvick

Offline

Newbie Poster

How do I set up and use a "whitelist" for forms?

May 8th, 2008

I've searched every forum and tutorial I can think of and no one has discussed or described this.

ScanAlert objects to the "redirect" statement in our forms, which sends the customer to a "Thank You" page on the site. They claim the redirect statement makes it possible for hackers to insert additional URLs of their choosing and set up a phishing scheme. Their solution is for me to set up a whitelist, containing the pages for which the redirect is valid, to prevent it. The problem is I have no idea how to set up this whitelist or how to use it. Has anyone done this? We're using simple Formmail, with basic forms that collect only contact information. They're going to pull the HackerSafe logo if I don't fix it, so I'd appreciate any help I can get.