Posted by Chung Leong on 11/04/05 07:57
Gordon Burditt wrote:
> I'll strongly disagree with this one. If an input should be a
> number, and it's not, you should generate an error message (and
> possibly log a tampering attempt), not process the input as though
> it were zero or something else. Fixing an over-long string by
> chopping it has potential for causing more (security and other)
> problems than it fixes. Chances are a numeric input should be
> checked against an application-specific range of allowable values
> also.

You misunderstood me. I said you shouldn't rely on validation for
security purposes. I didn't say don't do validation. My point is that
input validation is a functional requirement and not a security
measure. You do it so that you can, as you said, tell the user he did
something wrong. You don't want to rely on it, at the same time, to
protect your code downstream.
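
An added example, not part of the original thread, showing both halves of this exchange in one place: validation that rejects bad input with a message instead of coercing or truncating it, and downstream code that stays safe without relying on that validation. The order form, the `orders` table and all function names are hypothetical, and Python with `sqlite3` is chosen here only for illustration.

```python
import sqlite3

class ValidationError(ValueError):
    """Raised so the caller can tell the user what was wrong."""

def validate_quantity(raw, lo=1, hi=100):
    # Functional check: reject, do not coerce bad input to 0.
    if not raw.isascii() or not raw.isdigit():
        raise ValidationError("quantity must be a whole number")
    value = int(raw)
    if not lo <= value <= hi:  # application-specific range
        raise ValidationError(f"quantity must be between {lo} and {hi}")
    return value

def validate_name(raw, max_len=40):
    # Over-long input is rejected, not chopped.
    if not raw or len(raw) > max_len:
        raise ValidationError(f"name must be 1 to {max_len} characters")
    return raw

def save_order(db, name, quantity):
    # Downstream code does not assume its callers validated anything:
    # values are bound as parameters, never spliced into the SQL text.
    db.execute("INSERT INTO orders (name, quantity) VALUES (?, ?)",
               (name, quantity))

def handle_form(db, form):
    try:
        name = validate_name(form.get("name", ""))
        quantity = validate_quantity(form.get("quantity", ""))
    except ValidationError as exc:
        return f"error: {exc}"
    save_order(db, name, quantity)
    return "ok"

def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (name TEXT, quantity INTEGER)")
    forms = [  # constructed sample submissions
        {"name": "O'Brien", "quantity": "3"},     # valid, yet contains a quote
        {"name": "Ann", "quantity": "3 apples"},  # not a number
        {"name": "Ann", "quantity": "500"},       # out of range
        {"name": "x" * 41, "quantity": "1"},      # too long
    ]
    results = [handle_form(db, f) for f in forms]
    rows = db.execute("SELECT name, quantity FROM orders").fetchall()
    return results, rows
```

The first submission is the instructive one: `O'Brien` is a legitimate name that any reasonable validator accepts, so only the parameter binding in `save_order` keeps the quote from reaching the SQL text.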