|
|
|
|
|
|
by wccrawford
1973 days ago
|
|
|
Even if you sanitize inputs, you still have to sanitize outputs. And as the comments below show, the real problem here is that outputs weren't sanitized. Creating URLs or command line arguments without proper escaping is going to fail in so many ways, even on data that isn't malicious. |
|
|