APEX

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

How do I prevent users from changing data using "Tamper Data"

906740Dec 21 2011 — edited Mar 12 2012

Hello,

I created an application with SSP and successfully generated the &cs=xxxx in the URL.
When the user changes something in the URL, the page errored out as expected for URL Tampering.

However, one user used "Tamper Data" -- a Mozilla add-on -- to intercept the data, changed some paramater,
and was able to post/submit the form successfully, bypassing any checksum in the URL.

Any ideas on how I can preven this?

Sonia

Locked Post

New comments cannot be posted to this locked post.

Locked on Apr 9 2012

Added on Dec 21 2011

#apex, #apex-discussions, #security

3 comments

785 views