WebApp Sec mailing list archives
RE: [WEB SECURITY] Re: HTTP Parameter Pollution
From: Stefano Di Paola <stefano.dipaola () wisec it>
Date: Fri, 22 May 2009 13:53:55 +0200
Martin, Il giorno mer, 20/05/2009 alle 22.47 +0100, Martin O'Neal ha scritto:
(thereby breaking all the apps that currently work in the opposite
way) that is a reasonable point :) When anarchy is in place (no rules) trying to introduce a standard (rules) could have its own drawbacks. In an utopian world, anarchy could be also acceptable (people respect each other, developers know their environment), but since people does mistakes, rules helps persons in having a guideline. I'd also prefer to let people, developers and servers do whatever they want, knowing and respecting the unspoken rules. Going too much into philosophy, so I stop here :) Cheers, Stefano & Luca -- Stefano Di Paola Chief Technology Officer, LA/ISO27001 Minded Security Research Labs Director Minded Security - Application Security Consulting Official Site: www.mindedsecurity.com Personal Blog: www.wisec.it/sectou.php
Current thread:
- RE: [WEB SECURITY] Re: HTTP Parameter Pollution Martin O'Neal (May 22)
- <Possible follow-ups>
- RE: [WEB SECURITY] Re: HTTP Parameter Pollution Martin O'Neal (May 22)
- RE: [WEB SECURITY] Re: HTTP Parameter Pollution Stefano Di Paola (May 22)
- RE: [WEB SECURITY] Re: HTTP Parameter Pollution Martin O'Neal (May 22)
- RE: [WEB SECURITY] Re: HTTP Parameter Pollution Martin O'Neal (May 25)
- RE: [WEB SECURITY] Re: HTTP Parameter Pollution Stefano Di Paola (May 25)