On 9 Jun 2001, at 11:15, Kevin Meltzer wrote:
> Well, depending on the application (CGI or otherwise) you sometimes need to. If
> it is a path, or a file, it may need to be done (as well as putting things into
> DB with chars that shouldn't be there). If someone allows for \w chars, then
> they will have to clean up the havoc they are allowing.
Bah. Bah!
> A script is only as
> secure as the programmers clue about security.
Well, that's *always* true.
> Agreed (with newlines, that's just silly). Spaces, well, I know
> that is valid in (at least) Windows.
Just because something is valid doesn't mean it's okay. Spaces,
bah!
> Yes, he did. Unless, everyone in the world is misquoting him.
Blame _Discover_.
He apparently said something to the effect, but the exact wording
is in doubt (especially the "THAT'S relativity" bit)... you can find
about four different versions floating around, with the Discover
version most frequently found. Apparently the actual words weren't
quite facile enough, so the quoters made it wittier.
--
Karen J. Cravens ([EMAIL PROTECTED])
