By the action coming from Facebook, I wonder if one of the systems they are
running it through is simply not properly sanitising that extra string out
of there. "Never attribute to malice what can easily be explained by
stupidity," as it is said.

On Wed, Sep 9, 2020 at 5:11 PM Cedric De Vroey via Hpr <
hpr@hackerpublicradio.org> wrote:

>
> On Wed, 9 Sep 2020 at 23:55, Kevin O'Brien <zwil...@zwilnik.com> wrote:
>
>> Wouldn't accepting parameters from others pose a security problem? I tend
>> to think it expands the attack surface.
>>
>
> No, it doesn't really, as long as you use named parameters, and as long as
> you implement proper sanitization on those parameters you should be fine from
> a security perspective. However, there are privacy concerns that could be
> made over this practice since it could be used to track users.
>
>
>
>> Regards,
>>
>>
>> --
>> Kevin B. O'Brien
>> z <ahuka5...@gmail.com>wil...@zwilnik.com
>> http://google.me/+kevinobrien
>> http://www.google.com/profiles/Ahuka5656
>> http://about.me/zwilnik
>> “People shouldn't be afraid of their government. Governments should be
>> afraid of their people.” - Alan Moore, *V for Vendetta*
>> *Public Key = F6283E7A <https://pgp.mit.edu/>*
>>
>>
>>
>> On Wed, Sep 9, 2020 at 12:13 PM Ken Fallon <k...@fallon.ie> wrote:
>>
>>> On 2020-09-09 18:10, Cedric De Vroey via Hpr wrote:
>>> > Well, I guess those numbers are not that odd for anything that's
>>> > connected to the internet. My site is basically a static one-pager with
>>> > no possibilities for user input whatsoever and even that page gets
>>> > bombarded constantly (without effect). I mean, that's just how it is on
>>> > the internet these days I guess, it can be a rather hostile environment
>>> > at times :-)
>>>
>>> Actually that's the ones that make it through Josh's bear traps ;-)
>>>
>>> --
>>> Regards,
>>>
>>> Ken Fallon
>>> http://kenfallon.com
>>> http://hackerpublicradio.org/correspondents.php?hostid=30
>>>
>>> _______________________________________________
>>> Hpr mailing list
>>> Hpr@hackerpublicradio.org
>>> http://hackerpublicradio.org/mailman/listinfo/hpr_hackerpublicradio.org
>>>