PerlMonks  

Re^4: Essential CGI Security Practices

by Aristotle (Chancellor)
on Feb 03, 2002 at 02:46 UTC ( #143008=note )


in reply to Re: Re: Re: Essential CGI Security Practices
in thread Essential CGI Security Practices

Yes, I was replying to your note. I think you simply confused the one kind of error message with a different kind of error message. There's a distinct difference between what you were talking about and those error messages that should not be let out due to CGI security concerns. Input validation, as I mentioned it, was meant in the extended sense of any and all checks you may perform on your input data - i.e. not only the initial "does this look like a valid username" but also "do we have this username in our database" and "does the password match". Point taken that you mention paths and similar information separately; however, I think you should drop the condition "if you're truly paranoid" because if you're anything less than truly paranoid there's not even a chance of achieving security. :-)

Makeshifts last the longest.

