by thomasahle 3711 days ago
> Also, it's a terrible default (for security reasons) to let the web pages you're parsing automagically initiate new requests to arbitrary URLs.

Right. We'd have to only grab the article-id, validate that it is in fact an integer in the right range, and only then piece the URL back together and request it.

On the other hand, maybe just checking that we stay within the domain is enough. If the website wants to screw with us, they can send us any reply they want to any URL anyway.