"You can't trust user input" means to *not* fudge with user data in the first pl... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

revelation on July 20, 2016 | parent | context | favorite | on: Stack Overflow Outage Postmortem

"You can't trust user input" means to not fudge with user data in the first place!

If your code cares about unicode spaces at the beginning of user input, there is your problem.

(Also, you missed the reject part)

maxgee on July 20, 2016 [–]

How would you suggest running a user-created-content site without ever fudging/sanitizing the data being posted to the server?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact