Home > mailing lists

Re: stripping HTML, SQL injections ... - Mailing list pgsql-general

From	Martin Gainty
Subject	Re: stripping HTML, SQL injections ...
Date	November 14, 2007 23:39:33
Msg-id	BAY108-DAV128D3C01D5EBA83D7C944BAE820@phx.gbl Whole thread Raw
In response to	PITR and warm standby setup questions ("Mason Hale" <masonhale@gmail.com>)
Responses	Re: stripping HTML, SQL injections ... (Alvaro Herrera <alvherre@alvh.no-ip.org>)
List	pgsql-general

Tree view

this is a very simple html tag strip routine
I dont understand what security you had in mind ..

so I take it you're not a fan of dojo or GWT?

M--
----- Original Message -----
From: "Ian Barwick" <barwick@gmail.com>
Cc: "Scott Marlowe" <scott.marlowe@gmail.com>; "pgsql-general"
<pgsql-general@postgresql.org>
Sent: Wednesday, November 14, 2007 7:21 PM
Subject: Re: [GENERAL] stripping HTML, SQL injections ...


> Martin,
>
> 2000/11/15, Martin Gainty <mgainty@hotmail.com>:
> > Scott-
> >
> > In JavaScript
> >
http://www.java2s.com/Tutorial/JavaScript/0520__Regular-Expressions/StripHTM
> > L.htm
>
> I don't remember what the consensus was back in 2000 (your mail's
> timestamp), but in 2007 it's Not A Good Idea to rely on client-side
> validation for security-related operations ;).
>
>
> Regards
>
> Ian Barwick
>
>
> --
> http://sql-info.de/index.html
>
> ---------------------------(end of broadcast)---------------------------
> TIP 6: explain analyze is your friend
>

pgsql-general by date:

From: "Ian Barwick"
Date: 14 November 2007, 23:21:56
Subject: Re: stripping HTML, SQL injections ...

From: "Merlin Moncure"
Date: 15 November 2007, 01:06:53
Subject: Re: Path to top of tree

Re: stripping HTML, SQL injections ... - Mailing list pgsql-general

Previous

Next