Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Fix typo in the security.md page. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
f32ee075ea835de9b06337cc6f8e5fd9 |
User & Date: | drh 2018-03-30 11:19:37.489 |
Context
2018-03-30
| ||
12:23 | Use site-absolute URLs on the README.md file. (check-in: c555d600c0 user: drh tags: trunk) | |
11:19 | Fix typo in the security.md page. (check-in: f32ee075ea user: drh tags: trunk) | |
2018-03-29
| ||
15:32 | Update the security page to talk about the fact that parameter names must not contain special characters. (check-in: 8cec7dcae8 user: drh tags: trunk) | |
Changes
Changes to docs/security.md.
︙ | ︙ | |||
31 32 33 34 35 36 37 | 3. Cookies, query parameters, and POST parameters are automatically decoded before they reach application code. There is no risk that the application program will forget a decoding step or accidently miscode a decoding operation. 4. Cookies, query parameters, and POST parameters are silently discarded unless their names begin with a lower-case letter and contain only | | | 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 | 3. Cookies, query parameters, and POST parameters are automatically decoded before they reach application code. There is no risk that the application program will forget a decoding step or accidently miscode a decoding operation. 4. Cookies, query parameters, and POST parameters are silently discarded unless their names begin with a lower-case letter and contain only alphanumerics, underscores, and minus-signs. Hence, there is no risk that unusual parameter names can cause quoting problems or other vulnerabilities. 5. Reply text generated using the "wapp-subst" and "wapp-trim" commands automatically escapes generated text so that it is safe for inclusion within HTML, within a javascript or JSON string literal, as a URL, or as the value of a query parameter. As long as the application |
︙ | ︙ |