Comment by aja12
4 months ago
That's fallacious for two reasons:
1: you can set secure defaults at one place globally, but your code must be correct all the time to be free of SQLi
2: it's usually not the same persons who configure the DB and who write the code.
Security is an onion, not a coconut.
No comments yet
Contribute on Hacker News ↗