Blogger Unbusted! Comments are safe.
by ZetaGecko | Add Your Comments | Internet, Issues/Problems
I don't know how long it's been since they fixed this, but I check again this morning and discovered that enabling comments on Blogger-generated blogs that publish to PHP, ASP, SHTML, etc. powered sites is now safe! Back at the end of March, I posted a message on Bugtraq outlining a vulnerability that I'd reported to Blogger twice before with no results. After posting to Bugtraq, I got a response from Blogger, and sometime in the last month and a half, finally action! Now, if you try to post PHP, ASP or other server-processed code in a comment, Blogger refuses to publish the comment. Good solution guys!
Comments are now enabled here, and will be enabled on the rst of my blogs as I get the time to republish them. Yeah!