Hacker News
by chopin 2673 days ago
More to the point, you should put untrusted input into a different type from trusted input. As much as I admire the design of the servlet API I think the biggest mistake is that everything is transmitted as Strings. The input characters should have had a different type than the output characters.
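The separation suggested in the comment above, sketched as an added example; it is not part of the original comment and not part of the servlet API. The names `Untrusted`, `HtmlSafe` and `writeBody` are hypothetical, and the sample input is constructed.

```java
import java.util.Objects;

// Hypothetical types for illustration; none of these exist in the servlet API.
public class TaintTypes {
    /** Raw request data. No accessor hands the underlying String back unprocessed. */
    static final class Untrusted {
        private final String raw;
        Untrusted(String raw) { this.raw = Objects.requireNonNull(raw); }

        /** The only path toward HTML output: escape the markup-significant characters. */
        HtmlSafe escapeHtml() {
            StringBuilder sb = new StringBuilder(raw.length() + 16);
            for (int i = 0; i < raw.length(); i++) {
                char c = raw.charAt(i);
                switch (c) {
                    case '&': sb.append("&amp;"); break;
                    case '<': sb.append("&lt;"); break;
                    case '>': sb.append("&gt;"); break;
                    case '"': sb.append("&quot;"); break;
                    case '\'': sb.append("&#39;"); break;
                    default: sb.append(c);
                }
            }
            return new HtmlSafe(sb.toString());
        }

        // Keeps the raw value out of logs and string concatenation.
        @Override public String toString() { return "Untrusted[redacted]"; }
    }

    /** Output-side text. Built only by escaping or from markup the caller vouches for. */
    static final class HtmlSafe {
        private final String html;
        private HtmlSafe(String html) { this.html = html; }
        // Escape hatch for constant markup; the caller asserts it is trusted.
        static HtmlSafe literal(String trustedMarkup) { return new HtmlSafe(trustedMarkup); }
        HtmlSafe append(HtmlSafe other) { return new HtmlSafe(html + other.html); }
        String render() { return html; }
    }

    /** Stand-in for a response writer: accepts HtmlSafe, never String or Untrusted. */
    static String writeBody(HtmlSafe body) { return body.render(); }

    public static void main(String[] args) {
        Untrusted name = new Untrusted("<b>Ann</b> & \"co\""); // constructed sample input
        HtmlSafe page = HtmlSafe.literal("<p>Hello, ")
                .append(name.escapeHtml()).append(HtmlSafe.literal("</p>"));
        System.out.println(writeBody(page));
        // writeBody(name);  // rejected by the compiler: Untrusted is not HtmlSafe
    }
}
```

The point of the sketch is that forgetting to escape becomes a compile error rather than a runtime bug, since the output sink has no overload that takes the input type.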