in reply to Re^2: Essential CGI Security Practices
in thread Essential CGI Security Practices
Are you replying to the right node?
If so, I say nothing of fatalsToBrowser.
And Invalid password/Invalid login
is something the user can fix, and it is
not really input validation as
you cannot (usually) do it programmatically
i.e. verify that the user has in fact
authenticated himself.
Also my discussion of paths
(your point about open) was seperate,
following "on the other hand",
therefore we are in accordance.
--
perl -pe "s/\b;([st])/'\1/mg"
|
---|
Replies are listed 'Best First'. | |
---|---|
Re^4: Essential CGI Security Practices
by Aristotle (Chancellor) on Feb 03, 2002 at 02:46 UTC |
In Section
Meditations