Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

Re: Re: The danger of hidden fields

by Anonymous Monk
on Jul 23, 2002 at 10:45 UTC ( [id://184372]=note: print w/replies, xml ) Need Help??


in reply to Re: The danger of hidden fields
in thread The danger of hidden fields

The heart may be in the wrong place, but trusting HTTP_REFERER for a validity check is not the right solution.

Also if you are trusting user input to name a file, what if the user names a "file" (with proper encoding of course) something like | rm -rf /?

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://184372]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others pondering the Monastery: (2)
As of 2024-04-26 03:40 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found