Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Caution will nasty user input
- Derek Fountain
January 15, 2005, 5:45 pm
rate this thread
stuff, and determined that it contains characters I'm not happy with. I'd
like to store it or email it to an administrator for inspection (so attack
types can be monitored and so on).
What steps should I take to ensure that the code that delivers the email or
writes to the log file doesn't get exploited by something which I know is
nasty? I thought of base64 encoding it, but that would render it unreadable
without a special viewer of some sort. Is there something I can do to
guarantee the string is harmless without obfusticating it too much?
The email address used to post is a spam pit. Contact me at
http://www.derekfountain.org : <a
href="http://www.derekfountain.org /">Derek Fountain</a>
- R. Rajesh Jeba Anbiah
January 15, 2005, 4:23 pm