[html5] r6347 - [e] (0) Recommend against blacklists.

whatwg at whatwg.org whatwg at whatwg.org
Tue Aug 2 15:00:29 PDT 2011 

Author: ianh
Date: 2011-08-02 15:00:27 -0700 (Tue, 02 Aug 2011)
New Revision: 6347

Modified:
   complete.html
   index
   source
Log:
[e] (0) Recommend against blacklists.

Modified: complete.html
===================================================================
--- complete.html	2011-08-02 21:47:26 UTC (rev 6346)
+++ complete.html	2011-08-02 22:00:27 UTC (rev 6347)
@@ -2174,6 +2174,13 @@
     process, to the catastrophic, such as deleting all data in the
     server.</p>
 
+    <p>When writing filters to validate user input, it is imperative
+    that filters always be whitelist-based, allowing known-safe
+    constructs and disallowing all other input. Blacklist-based
+    filters that disallow known-bad inputs and allow everything else
+    are not secure, as not everything that is bad is yet known (for
+    example, because it might be invented in the future).</p>
+
     <div class=example>
 
      <p>For example, suppose a page looked at its URL's query string

Modified: index
===================================================================
--- index	2011-08-02 21:47:26 UTC (rev 6346)
+++ index	2011-08-02 22:00:27 UTC (rev 6347)
@@ -2076,6 +2076,13 @@
     process, to the catastrophic, such as deleting all data in the
     server.</p>
 
+    <p>When writing filters to validate user input, it is imperative
+    that filters always be whitelist-based, allowing known-safe
+    constructs and disallowing all other input. Blacklist-based
+    filters that disallow known-bad inputs and allow everything else
+    are not secure, as not everything that is bad is yet known (for
+    example, because it might be invented in the future).</p>
+
     <div class=example>
 
      <p>For example, suppose a page looked at its URL's query string

Modified: source
===================================================================
--- source	2011-08-02 21:47:26 UTC (rev 6346)
+++ source	2011-08-02 22:00:27 UTC (rev 6347)
@@ -969,6 +969,13 @@
     process, to the catastrophic, such as deleting all data in the
     server.</p>
 
+    <p>When writing filters to validate user input, it is imperative
+    that filters always be whitelist-based, allowing known-safe
+    constructs and disallowing all other input. Blacklist-based
+    filters that disallow known-bad inputs and allow everything else
+    are not secure, as not everything that is bad is yet known (for
+    example, because it might be invented in the future).</p>
+
     <div class="example">
 
      <p>For example, suppose a page looked at its URL's query string

More information about the Commit-Watchers mailing list