Shared publicly  - 
Google Injects SQL for you #security  

I remember reading something about this back in the day, I tend to agree with Google that it works as designed and it's not Google's responsibility to parse these things out. Even Bing's changes could filter out the most obvious SQL injects, unless they are obfuscated.

And of course it's not just SQL, there are lots of other things which can be injected into sites with bad input validation: take your pick of any language which allows some kind of arbitrary command to be executed inside a string.

There's probably a good Yakov Smirnoff joke which could be injected here.

via +Dennis Roos 
Add a comment...