Hacker News
by simonw 51 days ago
Good frameworks can protect against SQL injection and XSS (through default escaping of output variables) but protecting against insecure direct object access is a lot harder.
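An added illustration of the point in the comment above (not part of simonw's post): both lookups below use parameterized queries, so the injection defence is already in place, yet only the one scoped to the caller stops a user from reading another user's record. The `invoices` schema, the function names and the sample rows are hypothetical and constructed for this example.

```python
import sqlite3

def make_db():
    # Constructed sample data: two users (100 and 200), one invoice each.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE invoices "
               "(id INTEGER PRIMARY KEY, owner_id INTEGER, body TEXT)")
    db.executemany("INSERT INTO invoices VALUES (?, ?, ?)",
                   [(1, 100, "alice: $40"), (2, 200, "bob: $975")])
    return db

def get_invoice_unscoped(db, current_user_id, invoice_id):
    # Parameterized, so injection-safe, but nothing ties the row to the
    # caller: any authenticated user can fetch any id (the IDOR case).
    row = db.execute("SELECT body FROM invoices WHERE id = ?",
                     (invoice_id,)).fetchone()
    return row[0] if row else None

def get_invoice_scoped(db, current_user_id, invoice_id):
    # Same query plus an ownership predicate. This rule is specific to the
    # application's data model, which is why a framework cannot add it
    # by default the way it adds output escaping.
    row = db.execute(
        "SELECT body FROM invoices WHERE id = ? AND owner_id = ?",
        (invoice_id, current_user_id)).fetchone()
    return row[0] if row else None

def cross_user_leaks(db, fetch):
    # Authorization regression check: list every (user, invoice) pair
    # where a non-owner receives data from the given fetch function.
    rows = db.execute(
        "SELECT id, owner_id FROM invoices ORDER BY id").fetchall()
    users = sorted({owner for _, owner in rows})
    return [(u, inv) for u in users for inv, owner in rows
            if u != owner and fetch(db, u, inv) is not None]

if __name__ == "__main__":
    db = make_db()
    print("unscoped leaks:", cross_user_leaks(db, get_invoice_unscoped))
    print("scoped leaks:  ", cross_user_leaks(db, get_invoice_scoped))
```

A check like `cross_user_leaks` belongs in the test suite for every object-returning endpoint, since no default framework behaviour will flag the missing ownership predicate.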