[thelist] [tip] Macromedia even forgets (encoding user input)

Sarah poohbear at designshift.com
Mon Jun 30 09:55:41 CDT 2003


At 6/25/2003 11:45 PM, you wrote:
>The two major problems are:
>
>a) SQL Injection attacks, where carefully crafted input allows the malicious
>attacker to alter (or append to) your SQL statements
>
>     -and-
>
>b) Cross-Site Scripting attacks, where JavaScript/VBScript can be embedded
>into the HTML source of webpages (e.g. when data is extracted), or in email
>messages, which can then do malicious things (e.g. send the cookies for the
>current site to a remote site as part of an HTTP request).


Wow! Thanks for all the responses to my question. It looks like I really do
need to give this problem some more thought, and figure out where a
preventive solution needs to be incorporated into my code!

Sarah 


