Re: stripping HTML, SQL injections ...

From: "Ian Barwick" <barwick(at)gmail(dot)com>
To:
Cc: "Scott Marlowe" <scott(dot)marlowe(at)gmail(dot)com>, pgsql-general <pgsql-general(at)postgresql(dot)org>
Subject: Re: stripping HTML, SQL injections ...
Date: 2007-11-15 00:21:45
Message-ID: 1d581afe0711141621g2ff0bfe7j61bfc654204a3e1@mail.gmail.com
Lists: pgsql-general

Martin,

2000/11/15, Martin Gainty <mgainty(at)hotmail(dot)com>:
> Scott-
>
> In JavaScript
> http://www.java2s.com/Tutorial/JavaScript/0520__Regular-Expressions/StripHTML.htm

I don't remember what the consensus was back in 2000 (your mail's
timestamp), but in 2007 it's Not A Good Idea to rely on client-side
validation for security-related operations ;).

Regards

Ian Barwick

--
http://sql-info.de/index.html
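
Added example, not part of the original post: the server-side half of the point above, for a request that reaches the server without any browser JavaScript having run. Assumptions: sqlite3 stands in for PostgreSQL so the block runs offline (psycopg uses `%s` placeholders where sqlite3 uses `?`), and the table, function names and sample input are hypothetical.

```python
import html
import sqlite3

# Constructed sample input: markup plus a stray quote, submitted directly to
# the server, so no client-side stripping script was ever applied to it.
RAW_COMMENT = "<script>x</script> it's here'); --"


def open_db():
    """In-memory database with a hypothetical comments table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT NOT NULL)")
    return db


def store_comment(db, body):
    """Store the text as data: the value is bound, never spliced into the SQL string."""
    cur = db.execute("INSERT INTO comments (body) VALUES (?)", (body,))
    db.commit()
    return cur.lastrowid


def render_comment(db, comment_id):
    """Escape at output time, on the server, for the HTML context it is written into."""
    row = db.execute(
        "SELECT body FROM comments WHERE id = ?", (comment_id,)
    ).fetchone()
    return "<p>" + html.escape(row[0], quote=True) + "</p>"


def demo():
    """Store and render the sample; returns (row count, rendered HTML)."""
    db = open_db()
    cid = store_comment(db, RAW_COMMENT)
    count = db.execute("SELECT COUNT(*) FROM comments").fetchone()[0]
    return count, render_comment(db, cid)


if __name__ == "__main__":
    print(demo())
```

The stored value is byte-for-byte what was submitted; safety comes from binding on the way in and escaping on the way out, both of which run on the server whatever the client did.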
