Y
Hacker News
new
|
ask
|
show
|
jobs
by
sk5t
2097 days ago
WAFs sound pretty darn good for simple, well-understood services with known good inputs. If every valid request to some half-forgotten Perl remnant in /cgi-bin looks like "path\?id=[0-9]{1,10}" then let that allow rule rip!