> Input validation is essential, but it's not the whole picture. > If you look at OWASP top ten for 2025, broken access control > ranks 1st.
That's right, but if someone wants to get hacked deliberately then we can't do anything about it. >From the AI overview of the top 10, it looks like 4 of them are directly >related to input not being validated / input not being sanitized. I haven't dug deep into the remaining 5 but I suspect that few of them will again relate to input not being validated / input not being sanitized. But I am not making a statement on this as of now. My most important point and the central point of my whole proposal is that """"We should not satisfy the minority at the expense of the majority."""" If people don't agree with me on this point, then obviously there won't be any point in me pursuing my proposal on this forum. So, I would request people to think about this point first. If people agree, it will be fine with me, and if people don't agree, then also it will be fine with me. But this is the first point that should be sorted out. Amit
