Discussion on: My App was Under Attack!

Mark Harless Author • Edited on

Yep, they were just random alphanumeric characters that passed my POST validations.

screenshot of tables

ビノタ

Using user input as actual filenames is still a terrible idea. Consider using an internal key or hashed string as filenames.
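
An added example of the suggestion above, not code from the thread or from the app being discussed: the server picks the on-disk name (a random key or a content hash) and keeps the client's filename only as metadata. The function names, the in-memory `index` dict standing in for a database table, and the sample filename are assumptions made for illustration.

```python
import hashlib
import secrets
import tempfile
from pathlib import Path


def store_upload(storage_dir: Path, user_filename: str, data: bytes,
                 index: dict, content_addressed: bool = False) -> str:
    """Write data under a server-chosen name and return that key.

    user_filename is recorded as metadata only; it never becomes part
    of a filesystem path, so its contents cannot influence where the
    file lands or what extension it has on disk.
    """
    if content_addressed:
        key = hashlib.sha256(data).hexdigest()  # hashed string as the name
    else:
        key = secrets.token_hex(16)             # random internal key
    (storage_dir / key).write_bytes(data)
    index[key] = {"display_name": user_filename, "size": len(data)}
    return key


def load_upload(storage_dir: Path, key: str, index: dict) -> bytes:
    """Read a file back by key; only keys the server issued are accepted."""
    if key not in index:
        raise KeyError("unknown upload key")
    return (storage_dir / key).read_bytes()


def demo() -> dict:
    # Constructed sample input: a client-supplied name with path separators.
    client_name = "../../outside.txt"
    index = {}  # hypothetical stand-in for a database table
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        key = store_upload(root, client_name, b"hello", index)
        on_disk = sorted(p.name for p in root.iterdir())
        data = load_upload(root, key, index)
    return {"key": key, "on_disk": on_disk, "data": data,
            "display_name": index[key]["display_name"]}


if __name__ == "__main__":
    print(demo())
```
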