I guess this fits the MO for this ML,
I was just on the ANA website, playing with their mileage program that
can't cope with my name being spelled 4 different ways depending on the
phase of the moon. Heaven help someone with a complicated name!
In the forms section:
For security reasons, please do not use the following marks----' '," ",< >and(
).
Does this mean:
A) We are incapable of secure coding and use SQL, meaning that anyone
with
a modicum of SQL knowledge will be able to vacuum our database.
B) We are also incapable of filtering out potentially malicious HTML,
so please
don't do that.
C) We really do not like brackets and wish you wouldn't either.
Brackets are an
anathema to society and we are attempting to stamp them out.
D) The bracket, angle bracket, single and double quotes are endangered
species and
we will not be party to their needless slaughter.
E) We are malicious, and we put this warning here to smoke out the
wannabe hackers.
P
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
