Server-side programming

Timo Virkkala wt at nic.fi
Sat Sep 20 01:51:52 CEST 2003


I'm creating a system with Python CGIs, that connect to a database. I'm 
wondering about input validation. Of course I will check the length of 
the passed parameters, to (hopefully) prevent any DOS attacks. What else 
do I need to check? Do I need to remove any SQL from the inputs? 
Anything else I might have overlooked?

-- 
Timo Virkkala | wt at nic.fi

   "In the battle between you and the world, bet on the world."





More information about the Python-list mailing list