Re: Form Security
- From: Jerry Stuckle <jstucklex@xxxxxxxxxxxxx>
- Date: Sat, 11 Mar 2006 19:30:43 -0500
Chung Leong wrote:
Jerry Stuckle wrote:
Chung Leong wrote:
Jerry Stuckle wrote:
And I wasn't interpreting it in the "worst of light". I was
interpreting it in the light of simple security.
What he's proposing is false security - which is worse than no security
at all. At least with the latter you know you have potential
vulnerabilities.
I really don't know what to say. The OP proposed a method for stopping
one type of cross-site scripting attack and here you are insisting that
it's crap because it doesn't stop bots.
And it doesn't stop what he's trying to stop!
How so? Because...it doesn't stop bots?
You can't see your solution is total trash? I'm sorry for you - and even more so for your customers. I hope I never have to take over a site you've worked on.
I'm not even going to bother to continue this discussion.
You go ahead and give people a false sense of security. I hope no one gets hurt by your poor advice.
Meanwhile - I'll continue a conversation with the original poster - but you're not worth the time.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@xxxxxxxxxxxxx
==================
.
- Follow-Ups:
- Re: Form Security
- From: Scott
- Re: Form Security
- References:
- Form Security
- From: Scott
- Re: Form Security
- From: Chung Leong
- Re: Form Security
- From: Jerry Stuckle
- Re: Form Security
- From: Chung Leong
- Re: Form Security
- From: Jerry Stuckle
- Re: Form Security
- From: Chung Leong
- Re: Form Security
- From: Jerry Stuckle
- Re: Form Security
- From: Chung Leong
- Re: Form Security
- From: Jerry Stuckle
- Re: Form Security
- From: Chung Leong
- Form Security
- Prev by Date: Re: str_ireplace() for php4?
- Next by Date: Re: charts layering problem
- Previous by thread: Re: Form Security
- Next by thread: Re: Form Security
- Index(es):
Relevant Pages
|
