Re: Form Security

Jerry Stuckle wrote:
And I wasn't interpreting it in the "worst of light". I was
interpreting it in the light of simple security.

What he's proposing is false security - which is worse than no security
at all. At least with the latter you know you have potential
vulnerabilities.

I really don't know what to say. The OP proposed a method for stopping
one type of cross-site scripting attack and here you are insisting that
it's crap because it doesn't stop bots.

.

Relevant Pages

  • Re: hidden php file extension
    ... Jerry Stuckle wrote: ... No, masking is false security. ... types of attacks that it can and likely will be subject to. ...
    (comp.lang.php)
  • Re: Form Security
    ... don't really feel the need to interpret other people's statements in ... What he's proposing is false security - which is worse than no security at all. ... this isn't great security - but what he's proposing will NOT stop auto-submission by any means. ...
    (comp.lang.php)
  • Re: Form Security
    ... Chung Leong wrote: ... What he's proposing is false security - which is worse than no security ...
    (comp.lang.php)
  • Re: Form Security
    ... What he's proposing is false security - which is worse than no security ... it's crap because it doesn't stop bots. ...
    (comp.lang.php)
  • Re: Form Security
    ... What he's proposing is false security - which is worse than no security ... it's crap because it doesn't stop bots. ...
    (comp.lang.php)