teusink

# Microsoft
# WARNING: These are not headers that indicate an auto-reply, but headers that request the recipient to NOT send an auto-reply back
# 1 "X-Auto-Response-Suppress: All"
# 1 "X-Auto-Response-Suppress: AutoReply"
# 1 "X-Auto-Response-Suppress: DR"
# 1 "X-Auto-Response-Suppress: NDR"
# 1 "X-Auto-Response-Suppress: NRN"
# 1 "X-Auto-Response-Suppress: OOF"
# 1 "X-Auto-Response-Suppress: RN"

teusink

<html>
<head>
<title>Input validation for web-applications, how to process input safely and securely</title>
<script>
function validateForm() {
	/*	Step 1: Check if the input is actually sent and received
			This step is only done when sending data from the client to the server.
			So it holds no relevance here.
		
		Step 2: Store input in memory, separate it from the source

teusink

### The Netherlands
.amsterdam
.frl
.nl
### Belgium
.be
.brussels
.gent
### Luxembourg
.lu

teusink

### European Union (EU) TLDs
.at
.be
.bg
.hr
.cy
.cz
.de
.dk
.ee

teusink

# Domains used for email by consumers and consumer ISPs
# Included: General email providers, and Dutch and Belgium consumer ISPs
#
# GENERAL EMAIL PROVIDERS
aol.com
compuserve.com
cs.com
gmail.com
googlemail.com
hotmail.com

teusink

# Domains with malicious or phishing intent by mimicing domains from real email services
# Examples: example domains (RFC 2606 & 6761) and fake domains that spoof real domains used for email services
address.local
cacema.nl
casama.nl
example.com
example.net
example.org
gmail.nl
gmial.com