Helpful Guide to Update Legacy Code

1 post / 0 new
STWSupport's picture
STWSupport
Offline
Joined: 12/21/2012
Visit STWSupport's Website

We have been supporting certain “legacy code” and even a known security loophole via the simple method that really needs to be corrected. These requests have been honored, for years, despite our continued warnings. However, we felt that the migration, which took a couple of years to complete, was the right time to close the security loophole.

Unfortunately, we then learned how many people are still making those requests. All of those requests began to be blocked with “Bad Request; Update Your Code” messages. As a result of numerous complaints, by those who have not read the many announcements regarding the required changes, we have temporarily re-enabled support for the security loophole.

Please understand that this is temporary only, and we will enforce the closure of the loophole soon. As of January 15th, 2013 we will begin blocking insecure requests that are not updated. Between now and then, we will be working with paying customers to update the request and may extend the deadline for those users, as long as there is good reason.

Passing Secret Key

Including your secret key in your request code will no longer be supported.

Blocked: http://images.shrinktheweb.com/xino.php?stwembed=1&stwu=12345&stwxmax.....

Allowed: http://images.shrinktheweb.com/xino.php?stwembed=1&stwxmax.....

Important Change - CURRENTLY ENFORCED

www.shrinktheweb.com/xino.php to >> images.shrinktheweb.com/xino.php

Outdated Request Parameters (may one day be deprecated)

This should be an easy find-and-replace for most users. For the very early adopters who hardcoded these into thousands of individual forum posts; they may stop working eventually.

Make all stw variables lowercase

&STWAccessKeyId >> &stwaccesskeyid
&stwUrl to >> &stwurl
&Size to >> &stwsize

Use the Newer STW-Specific Variable Names

&u to >> &stwu
&embed to >> &stwembed
&Size OR &size to >> &stwsize
&Url to >> &stwurl
&inside to >> &stwinside
&full to >> &stwfull
&stwq (no change)
&redo to >> &stwredo
&xmax to >> &stwxmax
&ymax to >> &stwymax
&nrx to >> &stwnrx
&nry to >> &stwnry
&delay to >> &stwdelay
&rpath to >> &stwrpath

ShrinkTheWeb® (About STW) is another innovation by Neosys Consulting
Contact Us | PagePix Benefits | Learn More | STW Forums | Our Partners | Privacy Policy | Terms of Use

Announcing Javvy, the best crypto exchange and wallet solution (coming soon!)

©2018 ShrinkTheWeb. All rights reserved. ShrinkTheWeb is a registered trademark of ShrinkTheWeb.