Lists Home |
Date Index |
> <shrug/> Intelligent folks building real systems tell me that
> validation isn't actually something you do in production code
Those folks are asking for a world of pain once/if they move their
application out of a tightly controlled environment. Trust, but verify.
How many Web problems were caused by not validating HTML form data?
Anyhow, send those folks you mention over our way. :)
Rich Salz, Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html