note
cjf
Good article, it addresses a problem that is overlooked way too often. From the article...
<blockquote>The key to solving cross-site scripting attacks is to never, ever trust data that comes from the web browser. Any input data should be considered guilty unless proven innocent.</blockquote>
<p>Couldn't have said it better myself. For more information on the subject consult [Essential CGI Security Practices] :)</p>
146949
146949