More on Form Security

Peter Murray pem at po.cwru.edu
Sun Jan 11 18:28:18 EST 1998


One place to find information and tips on CGI security is the "WWW Security
FAQ".  It can be found at:

  http://www.genome.wi.mit.edu/WWW/faqs/www-security-faq.html


Peter

--On Tue, Jan 6, 1998 11:49 AM -0800 "Elizabeth H. Hamilton"
<hamilte at one.net> wrote: 

> I think I found the answer to my first question. The form I spoke of in my
> earlier post "Form Security" would not be secure because what would keep a
> user from using another form to call my script!? In their form, they could
> "hardcode" metachracters into the place where I would have put the email
> addresses!
> 
> Apparently the only secure route is to check all input on that field
> for metacharacters. Let me dust off my Perl regexes and get to work! 
> 
> Back to the drawing board! ;-)
> 
> Thanks again!
> 
> Liz
> 
> ------------------
> Elizabeth Hamilton, 
> Web Developer                     
> hamilte at one.net
> elizabeth.hamilton at uc.edu



--
Peter Murray, Library Systems Manager                    pem at po.cwru.edu
Digital Media Services                 http://www.cwru.edu/home/pem.html
Case Western Reserve University, Cleveland, Ohio          W:216-368-5888




More information about the Web4lib mailing list