WebApp Sec mailing list archives
RE: How to handle "special characters"
From: sparkes <sparkes () westmids biz>
Date: Thu, 11 Dec 2003 17:43:56 +0000
On Wed, 2003-12-10 at 16:55, Tony Langley wrote: <snip>
1) Which chars are always safe (if there are any).
there aren't
2) Which chars are always dangerous.
those entered by the user
3) Those which are sometimes one or the other.
everything else sorry to be pessamistic but this is the only truth you need to know to stay safe sparkes
Current thread:
- How to handle "special characters" Sekurity Wizard (Dec 10)
- Re: How to handle "special characters" Clint Bodungen (Dec 10)
- RE: How to handle "special characters" Tony Langley (Dec 10)
- RE: How to handle "special characters" sparkes (Dec 11)
- RE: How to handle "special characters" riptide (Dec 11)
- RE: How to handle "special characters" sparkes (Dec 11)
- <Possible follow-ups>
- RE: How to handle "special characters" Brown, James F. (Dec 11)
- RE: How to handle "special characters" appsec (Dec 11)
- RE: How to handle "special characters" Sachin Hamirwasia (Dec 14)
- RE: How to handle "special characters" Ghita Serban (Dec 15)
- Re: RE: How to handle "special characters" .Saphyr (Dec 15)
- Re: How to handle "special characters" Tobias Mathes (Dec 15)
- RE: How to handle "special characters" Sachin Hamirwasia (Dec 14)
- RE: How to handle "special characters" Keifer, Trey (Dec 11)
- RE: How to handle "special characters" Ghita Serban (Dec 12)
- RE: How to handle "special characters" Tom Stowell (Dec 13)