Hacker News new | comments | ask | show | jobs | submit login
XPath injection issues are severely underrated (tomforb.es)
4 points by orf 30 days ago | hide | past | web | favorite | 1 comment



The points made are all valid, but in all of the times I’ve used XPath, the XPath side of things has been inside the code that we control - I’ve never encountered a use case where the XPath comes from an external source / is provided by the user (except on websites for experimenting with XPath queries).




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: