16 lines
849 B
Plaintext
16 lines
849 B
Plaintext
=== On 2015-10-02T19:13:58Z Ann Campbell Wrote:
|
|
\[~nicolas.peru], I know we're not ready to check ``++web.xml++`` yet, but when we are...
|
|
|
|
=== On 2016-03-04T12:32:16Z sytze van koningsveld Wrote:
|
|
scrubbing sounds like blacklisting, which is different from true validation (white listing), so maybe a misnomer. The "validation filter" should not replace true valdation, typically done in controllers.
|
|
|
|
=== On 2018-03-19T09:56:33Z Sébastien GIORIA - AppSecFR Wrote:
|
|
I might tag this OWASP A6:2017 and not A1:2017. This is not a injection, more a configuration problem
|
|
|
|
=== On 2018-03-20T07:22:40Z Freddy Mallet Wrote:
|
|
I tend to agree with [~SPoint]. [~alexandre.gigleux] would you be confortable with this change ? Thanks
|
|
|
|
=== On 2018-03-20T08:16:15Z Alexandre Gigleux Wrote:
|
|
I agree [~freddy.mallet] / [~SPoint] and I applied the suggested change.
|
|
|