Y
Hacker News
new
|
ask
|
show
|
jobs
by
tmikaeld
851 days ago
I don't get why they allow injection of irrelevant url parameters in the first place, it's the first rule of any input - remove what's not used and sanitize what is.