Comment by matsemann
It's like old-school PHP where we used string concatenation with user input to generate queries and a whack-a-mole of trying to detect harmful strings.
So stupid, the fact that we can't distinguish between data and instructions and make the same mistakes decades later...