[Catalyst] {OT] protecting against attacks with multilingual input

Daniel McBrearty danielmcbrearty at gmail.com
Tue Dec 5 12:10:35 GMT 2006


How does one do this?

If you have a text input field which can be in *any* language, which
will get stored in the db, how do you protect against script
injection?

If it's just english, I normally only accept characters from a given
list (something like /[A-Za-z0-9]/ , plus whitespace and punctuation).
But if the input can be in any language .... ??

-- 
Daniel McBrearty
email : danielmcbrearty at gmail.com
www.engoi.com : the multi - language vocab trainer
BTW : 0873928131



More information about the Catalyst mailing list