• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Why does CI only allow certain values in the URL?

#7
[eluser]Derek Allard[/eluser]
The answer is immediately above the "you are insane" part.
Quote:| As a security measure you are STRONGLY encouraged to restrict URLs to
| as few characters as possible. By default only these are allowed: a-z 0-9~%.:_-
In general, the more paranoid you can be, the better. If you're just getting started with PHP/web application security, I'd encourage you to start reading around a bit more. 2 good topics to start on are XSS injection and SQL injection.

There are many more, but those are the "gateway" topics in my opinion. Good luck!


Messages In This Thread
Why does CI only allow certain values in the URL? - by El Forum - 03-01-2008, 09:26 PM
Why does CI only allow certain values in the URL? - by El Forum - 03-01-2008, 09:42 PM
Why does CI only allow certain values in the URL? - by El Forum - 03-01-2008, 09:43 PM
Why does CI only allow certain values in the URL? - by El Forum - 03-01-2008, 09:48 PM
Why does CI only allow certain values in the URL? - by El Forum - 03-01-2008, 09:50 PM
Why does CI only allow certain values in the URL? - by El Forum - 03-01-2008, 09:54 PM
Why does CI only allow certain values in the URL? - by El Forum - 03-02-2008, 08:18 AM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.