oss-sec mailing list archives

First result on Google promotes insecure coding (XSS)


From: Georgi Guninski <gguninski () gmail com>
Date: Sun, 19 Mar 2023 15:05:24 +0200

From my IP and cookie jar, searching Google for
"tutorial python cgi" returns as first result [1]
on tutorialspoint.com

In "Simple URL Example:Get Method"

```
first_name = form.getvalue('first_name')
last_name  = form.getvalue('last_name')
print "<h2>Hello %s %s</h2>" % (first_name, last_name)
```

Besides a CGI tutorial, this is an XSS and CSRF tutorial by example.

Does the so-called security "community" plan to reduce teaching
insecure code?

[1] https://www.tutorialspoint.com/python/python_cgi_programming.htm

-- 
We don't need no education, we don't need no thought control
Pink Floyd
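
The quoted tutorial pattern beside an escaped form, as an added example that is not part of the original post or of the tutorial. It is written for Python 3 with `urllib.parse` and `html.escape`; the function names, the sample query string and the response headers are assumptions made for illustration.

```python
import html
from urllib.parse import parse_qs

# Constructed sample request: markup in first_name, HTML-special
# characters in last_name (URL-encoded as a browser would send them).
SAMPLE_QUERY = (
    "first_name=%3Cscript%3Ealert(1)%3C%2Fscript%3E"
    "&last_name=O%27Brien%20%26%20Co"
)


def get_field(query_string, name):
    """Return the first value of a query parameter, or '' if it is absent."""
    values = parse_qs(query_string, keep_blank_values=True).get(name, [""])
    return values[0]


def greeting_unsafe(query_string):
    """Same pattern as the quoted snippet: raw request values go into HTML."""
    first = get_field(query_string, "first_name")
    last = get_field(query_string, "last_name")
    return "<h2>Hello %s %s</h2>" % (first, last)


def greeting_escaped(query_string):
    """Encode each value for the HTML context it is written into."""
    first = html.escape(get_field(query_string, "first_name"), quote=True)
    last = html.escape(get_field(query_string, "last_name"), quote=True)
    return "<h2>Hello %s %s</h2>" % (first, last)


def cgi_response(body):
    """Build a CGI response with an explicit charset and a restrictive CSP
    as defence in depth (header choice is an assumption of this example)."""
    headers = [
        "Content-Type: text/html; charset=utf-8",
        "X-Content-Type-Options: nosniff",
        "Content-Security-Policy: default-src 'none'",
    ]
    return "\r\n".join(headers) + "\r\n\r\n" + body


if __name__ == "__main__":
    print(greeting_unsafe(SAMPLE_QUERY))   # markup reaches the page intact
    print(cgi_response(greeting_escaped(SAMPLE_QUERY)))
```

`html.escape` covers element content and quoted attribute values only; values written into URLs, scripts or stylesheets need the encoding for that context.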

