Author alex
Recipients Arfrever, Mark.Shannon, PaulMcMillan, Zhiping.Deng, alex, barry, benjamin.peterson, christian.heimes, dmalcolm, georg.brandl, gvanrossum, haypo, jcea, lemburg, merwok, pitrou, terry.reedy
Date 2012-01-04.17:44:50
SpamBayes Score 0.0141638
Marked as misclassified No
Message-id <1325699090.97.0.797030531574.issue13703@psf.upfronthosting.co.za>
In-reply-to
Content
Except, it's a totally non-scalable approach.  People have vulnerabilities all over their sites which they don't realize.  Some examples:

django-taggit (an application I wrote for handling tags) parses tags out an input, it stores these in a set to check for duplicates.  It's vulnerable.

Another site I'm writing accepts JSON POSTs, you can put arbitrary keys in the JSON.  It's vulnerable.
History
Date User Action Args
2012-01-04 17:44:51alexsetrecipients: + alex, lemburg, gvanrossum, barry, georg.brandl, terry.reedy, jcea, pitrou, haypo, christian.heimes, benjamin.peterson, merwok, Arfrever, dmalcolm, Mark.Shannon, Zhiping.Deng, PaulMcMillan
2012-01-04 17:44:50alexsetmessageid: <1325699090.97.0.797030531574.issue13703@psf.upfronthosting.co.za>
2012-01-04 17:44:50alexlinkissue13703 messages
2012-01-04 17:44:50alexcreate