DEV Community


Discussion on: My App was Under Attack!

Mark Harless Author

Yep, they were just random alphanumeric characters that passed my POST validations.

screenshot of tables

ビノタ

Using user input as actual filenames is still a terrible idea. Consider using an internal key or hashed string as filenames.
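
The approach suggested in the comment above, as an added example that is not part of the original thread or the app's own code: the file is stored under a server-chosen name (a random internal key or a SHA-256 of the content), and the client-supplied name is kept only as metadata. The function name `store_upload`, the `index` dict (a stand-in for a database table) and the sample filename are assumptions.

```python
import hashlib
import secrets
import tempfile
from pathlib import Path


def store_upload(upload_dir: Path, user_filename: str, data: bytes,
                 index: dict, use_content_hash: bool = False) -> str:
    """Write data under a server-chosen name and return the internal key.

    user_filename is never used to build a path; it is kept only as
    metadata in index (hypothetical stand-in for a database table).
    """
    if use_content_hash:
        # Hashed string: the name derives from the bytes, so identical
        # uploads deduplicate and the client cannot influence the name.
        key = hashlib.sha256(data).hexdigest()
    else:
        # Internal key: 128 bits from the OS CSPRNG, hex-encoded.
        key = secrets.token_hex(16)

    target = (upload_dir / key).resolve()
    # Defence in depth: the key is hex only, so this should always hold.
    if target.parent != upload_dir.resolve():
        raise ValueError("storage path escaped upload directory")

    target.write_bytes(data)
    index[key] = {"display_name": user_filename, "size": len(data)}
    return key


def demo() -> dict:
    # Constructed sample input: a hostile client-supplied filename.
    hostile_name = "../../etc/cron.d/x.sh"
    with tempfile.TemporaryDirectory() as tmp:
        upload_dir = Path(tmp) / "uploads"
        upload_dir.mkdir()
        index = {}
        k1 = store_upload(upload_dir, hostile_name, b"hello", index)
        k2 = store_upload(upload_dir, hostile_name, b"hello", index,
                          use_content_hash=True)
        on_disk = sorted(p.name for p in upload_dir.iterdir())
        return {"random_key": k1, "hash_key": k2,
                "on_disk": on_disk, "index": index}


if __name__ == "__main__":
    print(demo())
```

When the original name is shown back to users or sent in a download header, treat `display_name` as untrusted text and encode it for that context.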