[Catalyst] {OT] protecting against attacks with multilingual input
Daniel McBrearty
danielmcbrearty at gmail.com
Tue Dec 5 12:10:35 GMT 2006
How does one do this?
If you have a text input field which can be in *any* language, which
will get stored in the db, how do you protect against script
injection?
If it's just english, I normally only accept characters from a given
list (something like /[A-Za-z0-9]/ , plus whitespace and punctuation).
But if the input can be in any language .... ??
--
Daniel McBrearty
email : danielmcbrearty at gmail.com
www.engoi.com : the multi - language vocab trainer
BTW : 0873928131
More information about the Catalyst
mailing list