Perl: the Markov chain saw | |
PerlMonks |
Re: Re: The danger of hidden fieldsby Anonymous Monk |
on Jul 23, 2002 at 10:45 UTC ( [id://184372]=note: print w/replies, xml ) | Need Help?? |
The heart may be in the wrong place, but trusting HTTP_REFERER for a validity check is not the right solution. Also if you are trusting user input to name a file, what if the user names a "file" (with proper encoding of course) something like | rm -rf /?
In Section
Seekers of Perl Wisdom
|
|