http://mike.crute.org/blog/2006/08/27/field-validation-stupidity/ import random; return random.shuffle(mike_crute.thoughts) Tue, 07 Oct 2008 17:06:46 +0000 http://wordpress.org/?v=2.5.1 http://mike.crute.org/blog/2006/08/27/field-validation-stupidity/#comment-923 Matt Cohen Thu, 21 Sep 2006 15:09:23 +0000 http://mike.crute.org/blog/2006/08/27/field-validation-stupidity/#comment-923 Outside of input validation at all tiers, my biggest security pet peeve for apps is when people use easy to script url parameters, such as "MLSNum=84145". 84146, 84147... the fun never ends until the data is scraped. Just use a GUID, for goodness sake! Outside of input validation at all tiers, my biggest security pet peeve for apps is when people use easy to script url parameters, such as “MLSNum=84145″. 84146, 84147… the fun never ends until the data is scraped. Just use a GUID, for goodness sake!

]]>