Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
MrFoof
on April 4, 2012
|
parent
|
context
|
favorite
| on:
SQL Injection through HTTP Headers
Or, more succinctly, don't trust anything that comes from outside your application stack.
dangrossman
on April 4, 2012
[–]
Or use prepared statements regardless of the source so that knowing the source, and tracking changes of the source of variables, becomes a non-issue.
Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
