Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Wow I like that. So simple and elegant. Could be combined with a username to produce unique urls per user.


A miss configured http server that allows directory listing would compromise everything.

Also now all intermediate things that have access to the hashed url would suddenly have access to a secure piece of information.

Don’t be clever with security


You can always put an index.html to prevent that mistake.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: