Skip to content

Commit

Permalink
[e] (0) Recommend against blacklists.
Browse files Browse the repository at this point in the history 
git-svn-id: http://svn.whatwg.org/webapps@6347 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information
@Hixie
Hixie committed Aug 2, 2011
1 parent d3b3d8c commit b5a8497
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 0 deletions.
7 changes: 7 additions & 0 deletions complete.html
View file
Expand Up @@ -2174,6 +2174,13 @@ <h4 id=writing-secure-applications-with-html><span class=secno>1.9.1 </span>Writ
process, to the catastrophic, such as deleting all data in the
server.</p>

<p>When writing filters to validate user input, it is imperative
that filters always be whitelist-based, allowing known-safe
constructs and disallowing all other input. Blacklist-based
filters that disallow known-bad inputs and allow everything else
are not secure, as not everything that is bad is yet known (for
example, because it might be invented in the future).</p>

<div class=example>

<p>For example, suppose a page looked at its URL's query string
Expand Down
7 changes: 7 additions & 0 deletions index
View file
Expand Up @@ -2076,6 +2076,13 @@ a.setAttribute('href', 'http://example.com/'); // change the content attribute d
process, to the catastrophic, such as deleting all data in the
server.</p>

<p>When writing filters to validate user input, it is imperative
that filters always be whitelist-based, allowing known-safe
constructs and disallowing all other input. Blacklist-based
filters that disallow known-bad inputs and allow everything else
are not secure, as not everything that is bad is yet known (for
example, because it might be invented in the future).</p>

<div class=example>

<p>For example, suppose a page looked at its URL's query string
Expand Down
7 changes: 7 additions & 0 deletions source
View file
Expand Up @@ -969,6 +969,13 @@ a.setAttribute('href', 'http://example.com/'); // change the content attribute d
process, to the catastrophic, such as deleting all data in the
server.</p>

<p>When writing filters to validate user input, it is imperative
that filters always be whitelist-based, allowing known-safe
constructs and disallowing all other input. Blacklist-based
filters that disallow known-bad inputs and allow everything else
are not secure, as not everything that is bad is yet known (for
example, because it might be invented in the future).</p>

<div class="example">

<p>For example, suppose a page looked at its URL's query string
Expand Down

0 comments on commit b5a8497

Please sign in to comment.