Return-Path: 
 <modperl-return-59164-apmail-perl-modperl-archive=perl.apache.org@perl.apache.org>
Delivered-To: apmail-perl-modperl-archive@www.apache.org
Received: (qmail 39575 invoked from network); 13 Feb 2009 21:02:24 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 13 Feb 2009 21:02:24 -0000
Received: (qmail 56393 invoked by uid 500); 13 Feb 2009 21:02:16 -0000
Delivered-To: apmail-perl-modperl-archive@perl.apache.org
Received: (qmail 56379 invoked by uid 500); 13 Feb 2009 21:02:16 -0000
Mailing-List: contact modperl-help@perl.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:modperl-help@perl.apache.org>
list-unsubscribe: <mailto:modperl-unsubscribe@perl.apache.org>
List-Post: <mailto:modperl@perl.apache.org>
List-Id: <modperl.perl.apache.org>
Delivered-To: mailing list modperl@perl.apache.org
Received: (qmail 56362 invoked by uid 99); 13 Feb 2009 21:02:15 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Feb 2009 13:02:15 -0800
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: local policy)
Received: from [208.113.200.5] (HELO swarthymail-a4.g.dreamhost.com)
 (208.113.200.5)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Feb 2009 21:02:08 +0000
Received: from [192.168.2.2] (w034.z064000035.nyc-ny.dsl.cnc.net [64.0.35.34])
	(using TLSv1 with cipher AES128-SHA (128/128 bits))
	(No client certificate requested)
	by swarthymail-a4.g.dreamhost.com (Postfix) with ESMTP id 8EC8A129A84;
	Fri, 13 Feb 2009 13:01:46 -0800 (PST)
Cc: mod_perl list <modperl@perl.apache.org>
Message-Id: <F0215BCF-7C03-4CC0-9AF2-0D2EF7946818@2xlp.com>
From: Jonathan Vanasco <jvanasco@2xlp.com>
To: =?ISO-8859-1?Q?Andr=E9_Warnier?= <aw@ice-sa.com>
In-Reply-To: <4995DA40.5050402@ice-sa.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed; delsp=yes
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Apple Message framework v930.3)
Subject: Re: dealing with empty field names in query
Date: Fri, 13 Feb 2009 16:03:26 -0500
References: <555657.82066.qm@web25407.mail.ukl.yahoo.com>
 <EE9141C1-7ACD-4553-8D51-702938933AB0@2xlp.com> <4995DA40.5050402@ice-sa.com>
X-Mailer: Apple Mail (2.930.3)
X-Virus-Checked: Checked by ClamAV on apache.org

On Feb 13, 2009, at 3:38 PM, Andr=E9 Warnier wrote:

> The management part of me says that if you sell shoddy merchandise to
> people, they are going to come back and hit you with it.
> Presumably, if you get such kind of posted data from a form, it is
> because you sent a shoddy form to the browser, which can submit such
> shoddy data.  Or because you have some shoddy javascript in the form,
> which sends shoddy data to your server.
> So we're still at the garbage level, but the other way around : =20
> garbage
> out, gargabe in.
> ;-)

That's assuming that you're responsible.

Today many people use misc javascript libraries; and there are js DMZ =20=

servers that serve off cached versions so people don't have to =20
reload.  A simple typo could render your application broken.=