And, you can add to this
> Never trust data from the client...always filter it(I use an lib to do
that)!
> Make sure register_globals is off or code accordingly.
Make sure that you're using SSL (https).
Also, (maybe not directly related though...) if possible, separate your web
server from your
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Never trust data from the client...always filter it(I use an lib to do that)!
Make sure register_globals is off or code accordingly.
HTH!
~Paul
On Saturday 09 November 2002 01:12 am, Creighton Brown wrote:
> I want to know recommendations securing GET
I want to know recommendations securing GET | POST | SESSIONS or other data
in WebPages.
One site I may be developing for the local govt has the need to take and
receive data from a database and data will be past with GET | POST |
SESSIONS.
Any recommendations regarding this would be welcome.
Th
3 matches
Mail list logo
