This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Incomplete Blacklist"
From OWASP
| Line 1: | Line 1: | ||
| + | {{Template:Stub}} | ||
{{Template:Vulnerability}} | {{Template:Vulnerability}} | ||
| Line 18: | Line 19: | ||
==Categories== | ==Categories== | ||
| − | + | [[Category:OWASP ASDR Project]] | |
| − | + | [[Category:Vulnerability]] | |
Revision as of 14:06, 2 November 2008
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.
Description
NOTE: This probably should be made into a principle - Don't use blacklist. New attacks are being developed everyday, which makes it difficult or nearly impossible in some cases to make a complete blacklist. Instead positive whitelist, which specifies what is allowed, should be used.
