
Scalestein | 2 years ago

I'm guessing they are thinking of a scenario where SELECT * FROM User_Details gets sent directly to the front end.

So even if all you are displaying is the user's name or initials, you would still be sending things like SSN and credit card number to the front end.

nerdchum | 2 years ago

Sanitizing your inputs is a string issue, not a data structure issue.

Sanitizing your inputs has been known about for literally almost half a century; that should just be default for developers at this point.
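The two points raised above (Scalestein's SELECT * over-fetching scenario and nerdchum's input-handling point) are easiest to see side by side in code. The following is an added example, not code from anyone in this thread; it uses a constructed in-memory SQLite table with invented sample rows, and the column names and the PUBLIC_COLUMNS allowlist are assumptions made for the demonstration.

```python
import sqlite3

# Constructed sample rows for the demonstration (invented, not real records).
SAMPLE_USERS = [
    ("Ada Lovelace", "AL", "123-45-6789", "4111111111111111"),
    ("Alan Turing", "AT", "987-65-4321", "5500000000000004"),
]

# Assumed allowlist: the only columns the front end needs. Anything not listed
# here should never be part of a response payload.
PUBLIC_COLUMNS = ("name", "initials")


def make_db() -> sqlite3.Connection:
    """Create an in-memory User_Details table and load the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.row_factory = sqlite3.Row
    conn.execute(
        "CREATE TABLE User_Details ("
        "id INTEGER PRIMARY KEY, name TEXT, initials TEXT, ssn TEXT, card_number TEXT)"
    )
    conn.executemany(
        "INSERT INTO User_Details (name, initials, ssn, card_number) VALUES (?, ?, ?, ?)",
        SAMPLE_USERS,
    )
    return conn


def fetch_star(conn: sqlite3.Connection, name: str) -> list:
    """Over-fetching pattern from the thread: SELECT * with the caller's value
    spliced into the SQL text. Every column in the row (SSN and card number
    included) ends up in the payload, and the query structure is under the
    caller's control because the value is part of the string, not a parameter."""
    rows = conn.execute(f"SELECT * FROM User_Details WHERE name = '{name}'").fetchall()
    return [dict(r) for r in rows]


def fetch_public(conn: sqlite3.Connection, name: str) -> list:
    """Hardened pattern: a fixed server-side column allowlist plus a bound
    parameter. The projection comes from PUBLIC_COLUMNS (a constant, never user
    input), and the name is passed to the driver as data via '?'."""
    cols = ", ".join(PUBLIC_COLUMNS)  # constant-derived, safe to interpolate
    rows = conn.execute(
        f"SELECT {cols} FROM User_Details WHERE name = ?", (name,)
    ).fetchall()
    return [dict(r) for r in rows]


def leaked_fields(payload: list) -> list:
    """Response-side check: field names present in a payload that are not on
    the public allowlist. An empty list means nothing sensitive escaped."""
    leaked = set()
    for row in payload:
        leaked.update(k for k in row if k not in PUBLIC_COLUMNS)
    return sorted(leaked)


if __name__ == "__main__":
    db = make_db()
    print("SELECT * leaks:", leaked_fields(fetch_star(db, "Ada Lovelace")))
    print("allowlist leaks:", leaked_fields(fetch_public(db, "Ada Lovelace")))
    # A name containing a quote changes the query's meaning in fetch_star but is
    # just an unmatched string value in fetch_public.
    odd_name = "x' OR '1'='1"
    print("star rows:", len(fetch_star(db, odd_name)), "public rows:", len(fetch_public(db, odd_name)))
```

Running it shows the two failure modes are independent: `fetch_star` leaks `card_number`, `id` and `ssn` even for a perfectly ordinary name (the data-structure problem), and it also returns every row for a name containing a quote (the string problem). `fetch_public` fixes both with a fixed projection and a bound parameter; `leaked_fields` is the kind of check a response serializer or API test can run to catch an accidental `SELECT *` before it ships.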

waboremo | 2 years ago

> Sanitizing your inputs has been known about for literally almost half a century; that should just be default for developers at this point.

Except if you're a "stupid programmer", in which case such defaults are irrelevant to you. In such cases, one can only hope they're relying on tooling that sanitizes as much as possible for them.