Comments on: regex 0.9.4 http://larsolavtorvik.com/2008/04/regex-0_9_4/ my developer blog... Mon, 06 Feb 2012 14:35:57 +0000 http://wordpress.org/?v=2.6.2 By: Edwardo Koegel http://larsolavtorvik.com/2008/04/regex-0_9_4/#comment-33205 Edwardo Koegel Tue, 31 Aug 2010 00:35:10 +0000 http://larsolavtorvik.com/?p=8#comment-33205 Sick of obtaining low amounts of useless traffic for your website? Well i wish to inform you of a new underground tactic that produces me personally $900 each day on 100% AUTOPILOT. I possibly could be here all day and going into detail but why dont you just check their site out? There is really a great video that explains everything. So if your serious about producing hassle-free cash this is the website for you. <a href="http://tiny.cc/p7mq4" rel="nofollow">Auto Traffic Avalanche</a> Sick of obtaining low amounts of useless traffic for your website? Well i wish to inform you of a new underground tactic that produces me personally $900 each day on 100% AUTOPILOT. I possibly could be here all day and going into detail but why dont you just check their site out? There is really a great video that explains everything. So if your serious about producing hassle-free cash this is the website for you. Auto Traffic Avalanche

]]> By: Successful http://larsolavtorvik.com/2008/04/regex-0_9_4/#comment-33181 Successful Sun, 14 Feb 2010 21:37:09 +0000 http://larsolavtorvik.com/?p=8#comment-33181 Thanks admin this is web sites very nice . Thanks admin this is web sites very nice .

]]> By: Mark http://larsolavtorvik.com/2008/04/regex-0_9_4/#comment-26 Mark Tue, 29 Apr 2008 15:25:44 +0000 http://larsolavtorvik.com/?p=8#comment-26 Yes, watching the logs will be fun :) Yes, watching the logs will be fun :)

]]> By: Volcane http://larsolavtorvik.com/2008/04/regex-0_9_4/#comment-25 Volcane Tue, 29 Apr 2008 15:03:02 +0000 http://larsolavtorvik.com/?p=8#comment-25 Thanks Lars, I think you're app is great I have used several and reviewed several and once yours is sorted I think it will become my regex tester of choice, keep it up :) The basic rule is never rely on the client for input testing always do it server side and try to think out the box in terms of how people will use your app, def add some logging to see exactly what people are putting into your form so you can see what is being tried etc Thanks Lars, I think you’re app is great I have used several and reviewed several and once yours is sorted I think it will become my regex tester of choice, keep it up :)

The basic rule is never rely on the client for input testing always do it server side and try to think out the box in terms of how people will use your app, def add some logging to see exactly what people are putting into your form so you can see what is being tried etc

]]> By: Lars Olav Torvik http://larsolavtorvik.com/2008/04/regex-0_9_4/#comment-24 Lars Olav Torvik Tue, 29 Apr 2008 14:36:34 +0000 http://larsolavtorvik.com/?p=8#comment-24 Oh another small comment for Mark. There actually are a couple of people who can't proccess regex in their heads :D Oh another small comment for Mark. There actually are a couple of people who can’t proccess regex in their heads :D

]]> By: Lars Olav Torvik http://larsolavtorvik.com/2008/04/regex-0_9_4/#comment-23 Lars Olav Torvik Tue, 29 Apr 2008 14:26:53 +0000 http://larsolavtorvik.com/?p=8#comment-23 It seems I'm a bit naive when it comes to security. Not used to create applications like this. Usally just regular registrations forms etc that I need to make secure from injection attacks etc. I just created a tool I would like to use my self and decided to share :-) Mark: Thanks for the tips about the modifiers. The modifiers should now be filtered on the server. Volcane: I have done some other small modifications now but not sure if I have catched the security breach you saw or if it is the same as Mark commented. I would apreaciate it if you could send me a mail at meAlfaLarsolavtorvik.com with a concrete example I can test with. Atleast my app is getting some testing ;-) It seems I’m a bit naive when it comes to security. Not used to create applications like this. Usally just regular registrations forms etc that I need to make secure from injection attacks etc. I just created a tool I would like to use my self and decided to share :-)

Mark: Thanks for the tips about the modifiers. The modifiers should now be filtered on the server.

Volcane: I have done some other small modifications now but not sure if I have catched the security breach you saw or if it is the same as Mark commented. I would apreaciate it if you could send me a mail at meAlfaLarsolavtorvik.com with a concrete example I can test with.

Atleast my app is getting some testing ;-)

]]> By: Mark http://larsolavtorvik.com/2008/04/regex-0_9_4/#comment-22 Mark Tue, 29 Apr 2008 13:49:33 +0000 http://larsolavtorvik.com/?p=8#comment-22 (Still, nice little tool though, for people who can't yet process regex in their heads :-) (Still, nice little tool though, for people who can’t yet process regex in their heads :-)

]]> By: Mark http://larsolavtorvik.com/2008/04/regex-0_9_4/#comment-21 Mark Tue, 29 Apr 2008 13:10:30 +0000 http://larsolavtorvik.com/?p=8#comment-21 Yep, in firebug: document.getElementById('pcre_modifiers_multiline').value = 'e'; Enable multiline mode and hack away! Filter your modifiers server-side and prevent it from happening at all. Yep, in firebug:

document.getElementById(’pcre_modifiers_multiline’).value = ‘e’;

Enable multiline mode and hack away! Filter your modifiers server-side and prevent it from happening at all.

]]> By: Volcane http://larsolavtorvik.com/2008/04/regex-0_9_4/#comment-20 Volcane Tue, 29 Apr 2008 13:06:30 +0000 http://larsolavtorvik.com/?p=8#comment-20 Have another go, its still VERY trivial. Have another go, its still VERY trivial.

]]> By: Lars Olav Torvik http://larsolavtorvik.com/2008/04/regex-0_9_4/#comment-19 Lars Olav Torvik Tue, 29 Apr 2008 12:03:48 +0000 http://larsolavtorvik.com/?p=8#comment-19 Thanks for your comment. I have installed a patch that hopefully solves this problem :-) Thanks for your comment. I have installed a patch that hopefully solves this problem :-)

]]>