RE: [Phplib-users] new Session4 changes
From: Rob H. <rob...@ws...> - 2002-12-03 13:23:09
Mitigation of Cross Site Scripting attacks is the responsibility of the user and, more importantly, the application developer, by following simple best practices such as encoding and decoding URLs. There are many stupid things that could be done outside of this that would have the same end result. This is just an auth package. It is not a "make the application secure" package.

Unfortunately, there is not a good answer for this right now. Again, feel free to put the IP test in, just make it defaulted off and put a warning in the documentation about its use.

Rob Hutton
Web Safe
www.wsafe.com