Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> For good security, you don't leak internal IDs at all, sure. It is rare to find people doing that.

We must live in a different universe. I'd wager to say that over 90% of all backends leak their primary key when speaking to the front-facing client.



I think the statement was "It is rare to find people doing good security", not "It is rare to find people leaking internal IDs"


I read it as '[…] you don't leak internal IDs at all […]. It is rare to find people doing that [i.e. not leaking internal IDs]'


Yeah, sorry not clear. Typing on iPhone never really gets the message across as clearly as using a PC


99.9%




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: