Being safe on the internet (was Re: Here we go again - ISP DPI, but is it interception?)

Clive D.W. Feather clive at
Mon Aug 2 14:25:47 BST 2010

Ian Batten said:
>> The server, as in a dedicated host offering professional services  
>> should
>> protect itself against anything the "internet" throws against it,
> Except that's both contrary to the law in every other field, and  
> incredibly elitist.

I disagree with you and agree with the intent of the statement.

A URL is a string of (to a first approximation) printable characters. A web
server should be able to handle any string of printable characters in the
URL field of the GET request and do something sensible with it. This might
be a 403 or a 404, but it shouldn't be accessing files that it's not
supposed to return to the user and it shouldn't do anything unauthorized.

Clive D.W. Feather          | If you lie to the compiler,
Email: clive at     | it will get its revenge.
Web:  |   - Henry Spencer
Mobile: +44 7973 377646

More information about the ukcrypto mailing list