The browser is not supposed to change that, unless you hard-link to
http:// somewhere in your application.
I don't guarantee no browser ever had a bug like that, but I never
heard of such a bug.
And there ain't no stopping a pesky user from taking the 's' out to
see what happens... So you should
Am Samstag, den 02.12.2006, 13:57 -0600 schrieb Larry Garfield:
> If you're talking about getting user data into a web script, then GET, POST,
> and cookies are the only options. All three are insecure, because they're
> coming from the user. The user is guilty until proven otherwise. Sanitize
On Sat, December 2, 2006 10:29 am, Alain Roger wrote:
> Based on phpsec.org documentation it is written ("between lines") that
> GET
> and POST methods are still used but they are not the most secured
> (except if
> we take care for that).
> So, i would like to know which other methods are more sec
If you're talking about getting user data into a web script, then GET, POST,
and cookies are the only options. All three are insecure, because they're
coming from the user. The user is guilty until proven otherwise. Sanitize
thy input.
Sensitive data like username and password should never b
Hi,
Based on phpsec.org documentation it is written ("between lines") that GET
and POST methods are still used but they are not the most secured (except if
we take care for that).
So, i would like to know which other methods are more secured that those 2.
thx.
Alain
-
5 matches
Mail list logo
