funsec mailing list archives

seen on the ANA website


From: Peter Evans <peter () ixp jp>
Date: Sat, 1 Sep 2007 17:46:45 +0900



I guess this fits the MO for this ML,

I was just on the ANA website, playing with their mileage program that
can't cope with my name being spelled 4 different ways depending on the
phase of the moon. Heaven help someone with a complicated name!


In the forms section:

For security reasons, please do not use the following marks----' '," ",< >and( ).


Does this mean:
        A) We are incapable of secure coding and use SQL, meaning that anyone with
        a modicum of SQL knowledge will be able to vacuum our database.

        B) We are also incapable of filtering out potentially malicious HTML, so please
        don't do that.

        C) We really do not like brackets and wish you wouldn't either. Brackets are an
        anathema to society and we are attempting to stamp them out.

        D) The bracket, angle bracket, single and double quotes are endangered species and
        we will not be party to their needless slaughter.

        E) We are malicious, and we put this warning here to smoke out the wannabe hackers.


        P


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
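
An added example, not part of the original post and not ANA's code, for options A and B above: with bound SQL parameters and output-time HTML encoding, names containing the listed marks are stored and displayed intact, so the form has no need to ban them. The `members` table, the function names and the sample names are constructed for illustration.

```python
import html
import sqlite3

# Constructed sample names; together they contain all six marks from the notice.
SAMPLE_NAMES = ["Miles O'Brien", 'Dwayne "The Rock" Johnson',
                "Smith (Jones)", "<b>Evans</b>"]

def make_db():
    """In-memory database with a hypothetical members table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (id INTEGER PRIMARY KEY, name TEXT NOT NULL)")
    return db

def insert_concatenated(db, name):
    """The pattern option A hints at: the value is spliced into the SQL text."""
    db.execute("INSERT INTO members (name) VALUES ('" + name + "')")

def insert_bound(db, name):
    """Bound parameter: the value never becomes part of the SQL text."""
    db.execute("INSERT INTO members (name) VALUES (?)", (name,))

def render_greeting(name):
    """Encode at output time so stored markup is displayed, not interpreted."""
    return "<p>Welcome, " + html.escape(name, quote=True) + "</p>"

def demo():
    db = make_db()
    broken = []
    for name in SAMPLE_NAMES:
        try:
            insert_concatenated(make_db(), name)  # throwaway database
        except sqlite3.Error:
            broken.append(name)  # the apostrophe ended the SQL string early
        insert_bound(db, name)
    stored = [row[0] for row in db.execute("SELECT name FROM members ORDER BY id")]
    return broken, stored, [render_greeting(n) for n in stored]

if __name__ == "__main__":
    broken, stored, pages = demo()
    print("rejected by the concatenated query:", broken)
    print("stored via bound parameters:", stored)
    for page in pages:
        print(page)
```

The concatenated insert fails on an ordinary apostrophe, which is the kind of breakage a character ban papers over; the bound insert and the encoded output handle every sample name unchanged.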

