DEV Community

Discussion on: My App was Under Attack!

2spacemilk profile image
Mark Harless Author • Edited on

Yep, they were just random alphanumeric characters that passed my POST validations.

screenshot of tables

binotaliu profile image

Using user input as actual filenames is still a terrible idea. Consider to use an internal key or hashed string as filenames.