undefined | Better HN

0 pointsTerr_1y ago0 comments

> This is just plain wrong. A WAF rule meant to prevent credit card numbers from being output would not block the server from accepting credit card numbers

Until you have any kind of JS code where the contents of an input box are round-tripped, so that the user enters a number and then either the interface brake so it starts getting blanked out against their will.

0 comments

bastawhiz1y ago

That's literally just a variant of the issue being described here.

j / k navigate · click thread line to collapse

0 pointsTerr_1y ago0 comments

> This is just plain wrong. A WAF rule meant to prevent credit card numbers from being output would not block the server from accepting credit card numbers

0 comments

bastawhiz1y ago

That's literally just a variant of the issue being described here.

j / k navigate · click thread line to collapse