The downloadable version of this article can be found here:
http://techrepublic.com.com/5138-3513-6078570.html
Are you validating user input in your Web applications (as you most definitely should be)?
Discussion on:
Every web app should validate user-supplied input.
I would actually say take it a step further, and only for email address and website should input be processed as anything other than text.
If site user input cannot be used to pass SQL or script commands then you have taken a huge step towards stopping the site from being cracked.
Naturally, doing this requires a complete separation of the database backend from the site front end, which it seems most developers consider to be too much work.
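Added example, not part of the original post or the article: a minimal Python sketch of the approach the comment describes, where only the email and website fields are validated as structured values and everything else is bound as data on the way into the database and escaped on the way out. The table layout, function names and sample input are assumptions constructed for illustration.

```python
import html
import re
import sqlite3
from urllib.parse import urlsplit

# Deliberately simple shape check for this example, not a full RFC 5322 parser.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

def valid_email(value):
    return EMAIL_RE.fullmatch(value) is not None

def valid_website(value):
    # Accept only absolute http(s) URLs that carry a host.
    parts = urlsplit(value)
    return parts.scheme in ("http", "https") and bool(parts.netloc)

def open_db():
    # Hypothetical schema for the example.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE comments (email TEXT, website TEXT, body TEXT)")
    return db

def save_comment(db, email, website, body):
    if not valid_email(email) or not valid_website(website):
        raise ValueError("email or website failed validation")
    # Placeholders keep the values out of the SQL text: they are bound as data.
    db.execute(
        "INSERT INTO comments (email, website, body) VALUES (?, ?, ?)",
        (email, website, body),
    )

def render_comments(db):
    # Escape on output so stored text is displayed, never interpreted as markup.
    rows = db.execute("SELECT email, body FROM comments ORDER BY rowid")
    return [f"<p><b>{html.escape(e)}</b>: {html.escape(b)}</p>" for e, b in rows]

if __name__ == "__main__":
    db = open_db()
    # Constructed sample input containing SQL and script metacharacters.
    save_comment(db, "user@example.com", "https://example.com",
                 "Robert'); DROP TABLE comments;-- <script>alert(1)</script>")
    print(render_comments(db))
```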