Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

In the example given? No, the bounds are restricted. The actual text above though is the important bit:

    The variations of attacks are enormous. Use regular expressions 
    to define what is good and then deny the input if anything else is received. 
    In other words, we want to use the approach "Accept Known Good" instead of 
    "Reject Known Bad"


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: