And, you can add to this
> Never trust data from the client...always filter it(I use an lib to do
that)!
> Make sure register_globals is off or code accordingly.
Make sure that you're using SSL (https).
Also, (maybe not directly related though...) if possible, separate your web
server from your
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Never trust data from the client...always filter it(I use an lib to do that)!
Make sure register_globals is off or code accordingly.
HTH!
~Paul
On Saturday 09 November 2002 01:12 am, Creighton Brown wrote:
> I want to know recommendations securing GET
2 matches
Mail list logo
