Hacker News new | past | comments | ask | show | jobs | submit login

Honestly, they could have just used a whitelist instead of a blacklist.

One could easily fuck usage of a library. Common sense is required.

Attempting to ban "http" as a method of ensuring "https", is obviously less ideal than ensuring "https"... by checking for "https".




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: