Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #3670
| Path | csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!news.albasani.net!feeder.news-service.com!news2.euro.net!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <balle@chaostal.de> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| X-Spam-Status | OK 0.014 |
| X-Spam-Evidence | '*H*': 0.97; '*S*': 0.00; 'escape': 0.04; 'wed,': 0.04; 'content-type:multipart/signed': 0.09; 'bobby': 0.16; 'content-type:application/pgp-signature': 0.16; 'filename:fname piece:asc': 0.16; 'filename:fname piece:signature': 0.16; 'filename:fname:signature.asc': 0.16; 'input.': 0.16; 'rachel': 0.16; 'subject:] ': 0.16; 'seems': 0.21; 'appropriate': 0.21; 'header:In-Reply-To:1': 0.22; 'happen.': 0.23; 'here?': 0.23; '+0200': 0.25; '(in': 0.27; 'string': 0.29; 'depends': 0.29; 'tables': 0.29; 'forgot': 0.29; 'instead,': 0.29; 'all.': 0.30; 'filtering': 0.31; 'harm': 0.31; 'strings,': 0.31; 'does': 0.31; 'called': 0.32; 'to:addr:python-list': 0.32; 'subject:[': 0.34; 'characters': 0.35; 'question': 0.35; 'charset:us-ascii': 0.36; 'table': 0.37; 'apr': 0.38; 'but': 0.38; 'to:addr:python.org': 0.39; 'received:de': 0.39; 'header:Mime-Version:1': 0.39; 'header:Received:5': 0.40; 'received:95': 0.60; '2011': 0.62; 'dangerous': 0.65; 'escaping': 0.84; 'schrieb': 0.84; 'subject:over': 0.84 |
| Date | Wed, 20 Apr 2011 10:59:33 +0200 |
| From | Bastian Ballmann <balle@chaostal.de> |
| To | python-list@python.org |
| Subject | [OT] Re: Pickling over a socket |
| In-Reply-To | <iom59c$d2q$1@r03.glglgl.eu> |
| References | <61890800-f81a-4a1e-8905-a0237407f016@a21g2000prj.googlegroups.com> <BANLkTi=1d4k6QfscN_F_fPddznfQUuY6wA@mail.gmail.com> <mailman.582.1303241870.9059.python-list@python.org> <7744bf8c-0df6-4dc9-a977-7234d571643f@r4g2000prm.googlegroups.com> <7a56699d-7387-49a0-8c4f-f794df43df00@22g2000prx.googlegroups.com> <20110420084431.0480aa41@chaostal.de> <BANLkTiksqp-RMyJj8UcbquiYxHZJqeSj-w@mail.gmail.com> <mailman.624.1303284884.9059.python-list@python.org> <iom59c$d2q$1@r03.glglgl.eu> |
| X-Mailer | Claws Mail 3.7.8 (GTK+ 2.22.1; i686-pc-linux-gnu) |
| Mime-Version | 1.0 |
| Content-Type | multipart/signed; micalg=PGP-SHA1; boundary="Sig_/pOWjjbpA9Ckqz/ybvCl.cLw"; protocol="application/pgp-signature" |
| X-Virus-Scanned | Debian amavisd-new at lucy.chaostal.de |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.12 |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-list> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.630.1303289997.9059.python-list@python.org> (permalink) |
| Lines | 43 |
| NNTP-Posting-Host | 82.94.164.166 |
| X-Trace | 1303289998 news.xs4all.nl 81475 [::ffff:82.94.164.166]:49686 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | x330-a1.tempe.blueboxinc.net comp.lang.python:3670 |
Show key headers only | View raw
[Multipart message — attachments visible in raw view] - view raw
Am Wed, 20 Apr 2011 10:25:14 +0200 schrieb Thomas Rachel <nutznetz-0c1b6768-bfa9-48d5-a470-7603bd3aa915@spamschutz.glglgl.de>: > It depends on what the program does with the input. If it treats it > appropriately, nothing can happen. Yes, but the question seems to be what is appropriately. > What do yu want with filters here? Not filtering is appropriate > against SQL injection, but escaping. Escaping in strings, filtering with numbers etc. > If Little Bobby Tables is really called "Robert'); DROP TABLE > STUDENTS; --", it is wrong to reject this string - instead, all > dangerous characters inside it must be quoted (in this case: ') and > then it does not harm at all. Well you forgot to escape ; and \ but this seems to slide into OT ;) Greets Basti
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar
Pickling over a socket Roger Alexander <rtalexander@mac.com> - 2011-04-19 11:53 -0700
Re: Pickling over a socket Chris Rebert <clp2@rebertia.com> - 2011-04-19 12:21 -0700
Re: Pickling over a socket Chris Angelico <rosuav@gmail.com> - 2011-04-20 05:29 +1000
Re: Pickling over a socket Dan Stromberg <drsalists@gmail.com> - 2011-04-19 12:30 -0700
Re: Pickling over a socket Chris Angelico <rosuav@gmail.com> - 2011-04-20 05:37 +1000
Re: Pickling over a socket Roger Alexander <rtalexander@mac.com> - 2011-04-19 15:27 -0700
Re: Pickling over a socket Jean-Paul Calderone <calderone.jeanpaul@gmail.com> - 2011-04-19 19:28 -0700
Re: Pickling over a socket Bastian Ballmann <balle@chaostal.de> - 2011-04-20 08:44 +0200
Re: Pickling over a socket Chris Angelico <rosuav@gmail.com> - 2011-04-20 16:59 +1000
Re: Pickling over a socket Bastian Ballmann <balle@chaostal.de> - 2011-04-20 09:34 +0200
Re: Pickling over a socket Thomas Rachel <nutznetz-0c1b6768-bfa9-48d5-a470-7603bd3aa915@spamschutz.glglgl.de> - 2011-04-20 10:25 +0200
[OT] Re: Pickling over a socket Bastian Ballmann <balle@chaostal.de> - 2011-04-20 10:59 +0200
Re: Pickling over a socket Chris Angelico <rosuav@gmail.com> - 2011-04-20 19:26 +1000
Re: Pickling over a socket Bastian Ballmann <balle@chaostal.de> - 2011-04-20 11:41 +0200
csiph-web