logo

New Response

« Return to the main article

You are replying to:

  1. If you do this be clear that it's a security risk. Normally you wouldn't read the contents of a CGI variable and write back the parsed data back to the document verbatim.

    Consider:

    ...?OpenAgent&DocAuthors=*

    You could put yourself in a bad place if you allowed the user accessible data to control something like that.

    Josh

Your Comments

Name:
E-mail:
(optional)
Website:
(optional)
Comment: