[thelist] xssi serving up separate css
The Optimizer
chrism at puffofsmoke.net
Fri Oct 12 11:07:16 CDT 2001
> ><tip>Always use server-side validation for form input. It is a trivial
> >matter to bypass JavaScript validation in order to populate a database
> >with meaningful code. </tip>
>
> I think you mean "meaningless data" here ;)
I assume from the emoticon you're joking, but consider the implications of
allowing unvalidated strings into your database. About the simplest example
I can think of is displaying pornography on a public message board.
Unpleasant at the very least.
Regards
Chris Marsh
More information about the thelist
mailing list