Little Bobby Tables (imgs.xkcd.com)
[-] pgetsos@kbin.social 56 points 1 year ago

Suddenly, very relatable today...

[-] Reliant1087@lemmy.world 16 points 1 year ago

I was just thinking how the developer of kbin made a post regarding a similar bug in kbin and some people made fun of him for missing something so obvious, and here we are 🤨

[-] glorious_albus@lemmy.world 39 points 1 year ago

There's only two kinds of people:

  1. Those who know no system is fool proof.
  2. Dumbasses.

[-] Reliant1087@lemmy.world 7 points 1 year ago

I think everyone is on a journey from 2 -> 1, some just get there sooner than others :)

[-] marcos@lemmy.world 1 points 1 year ago

If you are creating some software in 2023, it should not be vulnerable to SQL injection.

There's no "but" or "unless".

I really wish the presentation layer and session management had that kind of clear interface; instead we are stuck only solving some 99.9% of CSS and 90% of CSRF. But SQL injection is 100% completely solved for good.

[-] nottheengineer@feddit.de 1 points 1 year ago

I'd call the second group fools because those are generally the ones that the system is trying to be safe against.

[-] Hypersapien@lemmy.world 1 points 1 year ago

Foolproofness is an asymptote. It's not achievable but we can always get closer.

[-] snooggums@kbin.social 10 points 1 year ago

The best developers can admit they missed something, fix it, and move on to the next thing.

[-] Rhaedas@kbin.social 8 points 1 year ago

The difference is that here lots of people posted about it and action was taken. If this was corporate owned, any suggestions of a problem would have been removed or denied, and months later after it hits public media they would have admitted there might have been a problem, and here's some free identity theft protection if you feel like you were affected.

[-] Reliant1087@lemmy.world 3 points 1 year ago

True. Looking at lemmy GitHub, it looks like everyone is swamped.

[-] EliasChao@lemmy.one 5 points 1 year ago
[-] teft@lemmy.world 15 points 1 year ago* (last edited 1 year ago)

Because he doesn't know the difference between an SQL injection and a Cross site scripting attack.

Link for those who would like to learn more.

[-] pgetsos@kbin.social 21 points 1 year ago

Or because both relate to not sanitizing your input

[-] glorious_albus@lemmy.world 13 points 1 year ago

Yeah lol. What is up with the condescension?

[-] null@slrpnk.net 2 points 1 year ago

Reddit migration side-effects.

[-] sedawk@sh.itjust.works 8 points 1 year ago

Because there was an XSS bug in Lemmy caused by not escaping some inputs
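
The two bug classes compared in this thread, as an added example that is not part of any comment above and is not Lemmy or kbin code: the same kind of untrusted string is handled with a bound parameter in the SQL context and with output escaping in the HTML context. The `students` table, the function names and both sample inputs are constructed for illustration.

```python
import html
import sqlite3

# Constructed sample inputs (not taken from the thread).
NAME = "Robert'); DROP TABLE students;--"
COMMENT = '<img src=x onerror="alert(1)">'

def new_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE students (name TEXT)")
    return db

def table_exists(db):
    q = "SELECT count(*) FROM sqlite_master WHERE type='table' AND name='students'"
    return db.execute(q).fetchone()[0] == 1

def insert_concatenated(db, name):
    # Vulnerable: the input becomes part of the SQL text, so a quote in it
    # can close the literal and the rest is parsed as further statements.
    db.executescript("INSERT INTO students (name) VALUES ('" + name + "');")

def insert_bound(db, name):
    # Fixed: the driver passes the value separately; it is never parsed as SQL.
    db.execute("INSERT INTO students (name) VALUES (?)", (name,))

def render_raw(comment):
    # Vulnerable: markup in the comment reaches the browser as markup.
    return "<p>" + comment + "</p>"

def render_escaped(comment):
    # Fixed: escape for the HTML context at output time.
    return "<p>" + html.escape(comment) + "</p>"

def demo():
    vuln, safe = new_db(), new_db()
    insert_concatenated(vuln, NAME)
    insert_bound(safe, NAME)
    stored = safe.execute("SELECT name FROM students").fetchone()[0]
    return {
        "concat_table_survives": table_exists(vuln),
        "bound_table_survives": table_exists(safe),
        "bound_value_intact": stored == NAME,
        "raw_html": render_raw(COMMENT),
        "escaped_html": render_escaped(COMMENT),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Binding keeps the stored name byte-for-byte intact, so the database fix does nothing for the HTML page that later displays it; that output needs its own escaping.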

this post was submitted on 10 Jul 2023
716 points (100.0% liked)
