Hello, how secure is the contact form of Freeway Pro 7 vs. XSS and injections? Or other attacks against spam?
Thanks Romano
freewaytalk mailing list
email@hidden
Update your subscriptions at:
https://freewaytalk.softpress.com/person/options
Both the PHPFF and SF Actions include a “honeypot” for trapping obvious 'bots. Neither of them support file uploads, or modify the displayed page (as a forum might, for example) so uploads of scripts are limited in their attack surface to whatever will run in a mail application. If your client is using Gmail, then it’s going to appear in a browser, but Google will scrub any nasties out of the message body (I hope!). Neither of these Actions involve a database at all, so the risk of SQL injection is entirely off the table.
These Actions do less, and therefore have fewer attack surfaces.
Walter
On Mar 31, 2017, at 9:09 AM, Romano Casanova email@hidden wrote:
Hello, how secure is the contact form of Freeway Pro 7 vs. XSS and injections? Or other attacks against spam?
Thanks Romano
freewaytalk mailing list
email@hidden
Update your subscriptions at:
https://freewaytalk.softpress.com/person/options
freewaytalk mailing list
email@hidden
Update your subscriptions at:
https://freewaytalk.softpress.com/person/options