- From: Martin J. Dürst <duerst@it.aoyama.ac.jp>
- Date: Tue, 01 Dec 2009 13:28:20 +0900
- To: Tyler Close <tyler.close@gmail.com>
- CC: Adam Barth <w3c@adambarth.com>, Julian Reschke <julian.reschke@gmx.de>, HTTP Working Group <ietf-http-wg@w3.org>
On 2009/12/01 4:00, Tyler Close wrote: > Consider a webbot that sends a PUT request to a resource on the > open Internet, which responds with a 307 to a resource behind the same > firewall as the webbot. The webbot has essentially punched a hole in > the firewall. Yes, the webbot has done this. One has to be very careful when running stuff such as webbots, make sure they are either inside or outside the firewall, but not both, unless you know exactly what you're doing. This not only applies to PUTs, but also to GETs. On the other hand, if I write (e.g. using libcurl or whatever) a "webbot" that periodically checks the balance on one of my bank accounts and transfers money from another bank account of mine if the balance on the first bank account is low, then I don't see why anybody would want to forbid this. Regards, Martin. -- #-# Martin J. Dürst, Professor, Aoyama Gakuin University #-# http://www.sw.it.aoyama.ac.jp mailto:duerst@it.aoyama.ac.jp
Received on Tuesday, 1 December 2009 04:29:24 UTC