Closed davengeo closed 10 years ago
Once you deploy to the public this is called "the public fire", could be worse if you use DB Ids externally and somebody tries to do a SQL injection for instance. http://www.w3schools.com/sql/sql_injection.asp
Thank you... what does this phrase mean? "putting become a page 100 into -100" ?? .... Does SQL injection work/hurt if you don't use SQL?
It's an example of the bad habits of deploy things in the cloud without a second of concern about robustness and security.
When I put in the second edit text with label "Or change page " 100 " to become " -100. You can reproduce the fail in your local environment.
Tested in local env. fixed.
putting become a page 100 into -100 results in a persistent 500 http error code from server and all the system fails for ever and ever and ever... http://www.w3.org/Protocols/HTTP/HTRESP.html