This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Incomplete Blacklist"

From OWASP
Jump to: navigation, search
 
Line 1: Line 1:
 
{{Template:Vulnerability}}
 
{{Template:Vulnerability}}
  
 +
[[Category:FIXME|Stub article, needs review]]
 
==Description==
 
==Description==
  

Revision as of 16:48, 13 October 2008

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

Description

NOTE: This probably should be made into a principle - Don't use blacklist. New attacks are being developed everyday, which makes it difficult or nearly impossible in some cases to make a complete blacklist. Instead positive whitelist, which specifies what is allowed, should be used.

Examples

Related Threats

Related Attacks

Related Vulnerabilities

Permissive Whitelist

Related Countermeasures

Categories

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
Retrieved from "https://wiki.owasp.org/index.php?title=Incomplete_Blacklist&oldid=43173"