This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Incomplete Blacklist

From OWASP
Revision as of 01:57, 9 February 2009 by KirstenS (talk | contribs) (Related Vulnerabilities)

Jump to: navigation, search

Template:CandidateForDeletion

Description

NOTE: This probably should be made into a principle - Don't use blacklist. New attacks are being developed everyday, which makes it difficult or nearly impossible in some cases to make a complete blacklist. Instead positive whitelist, which specifies what is allowed, should be used.

Examples

Related Threats

Related Attacks

Related Vulnerabilities

Related Countermeasures

Categories

Retrieved from "https://wiki.owasp.org/index.php?title=Incomplete_Blacklist&oldid=53581"