Steve Bergman
steve at rueb.com
Sat Sep 24 09:59:21 EDT 2005
How much does the publisher do with respect to data validation?
e.g. Does it ensure that the data returned from a form field consists
entirely of printable characters, or is that my responsibility?
If so, is there a preferred way to do it? The method I'm using (lifted
from the "Python Cookbook") seems a bit convoluted:
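
    from string import maketrans, translate, printable
    # identity translation table covering all 256 byte values
    allchars = maketrans('','')
    # every byte value that is not in string.printable
    delchars = translate(allchars, allchars, printable)
    # delete those non-printable bytes from the input
    input_string = translate(input_string, allchars, delchars)
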
It seems like there would be a simple function or method to do this kind
of basic input data sanitization, but I can't seem to find it.
Other than checking lengths and printability, what other security
checks are good practice?
Thanks,
Steve Bergman
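
An added example, not part of the original post: the printable-character filter from the snippet above written for Python 3, next to a variant that rejects a bad field instead of silently repairing it and also applies the length check the post mentions. The names strip_nonprintable, validate_field and FieldError and the 256-character default are assumptions made for illustration.

```python
import string

# Allowlist used in the post: string.printable (ASCII letters, digits,
# punctuation, space, and the whitespace controls \t \n \r \x0b \x0c).
PRINTABLE = frozenset(string.printable)
# Single-line fields (names, subjects) should not carry line breaks or tabs.
SINGLE_LINE = PRINTABLE - set("\t\n\r\x0b\x0c")


class FieldError(ValueError):
    """Raised when a form field fails validation (hypothetical name)."""


def strip_nonprintable(value: str) -> str:
    """Python 3 equivalent of the post's snippet: drop anything outside
    string.printable. The caller never learns that input was altered."""
    return "".join(ch for ch in value if ch in PRINTABLE)


def validate_field(name: str, value, max_len: int = 256,
                   allow_newlines: bool = False) -> str:
    """Return value unchanged if it passes every check, else raise.

    Rejecting leaves a visible failure to log and to show the user,
    rather than storing a quietly modified string.
    """
    if not isinstance(value, str):
        raise FieldError(f"{name}: expected text, got {type(value).__name__}")
    if len(value) > max_len:
        raise FieldError(f"{name}: longer than {max_len} characters")
    allowed = PRINTABLE if allow_newlines else SINGLE_LINE
    bad = sorted({ch for ch in value if ch not in allowed})
    if bad:
        raise FieldError(f"{name}: disallowed characters {bad!r}")
    return value


if __name__ == "__main__":
    # Constructed sample form data, not taken from a real request.
    form = {"user": "steve", "note": "ok\x00\x1b[0m", "subject": "a\r\nb"}
    for field, raw in form.items():
        try:
            print(field, "accepted:", repr(validate_field(field, raw)))
        except FieldError as err:
            print("rejected ->", err, "| stripped:", repr(strip_nonprintable(raw)))
```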