• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
What can happen if i use a loose URL chars restriction?

#2
[eluser]Rick Jolly[/eluser]
You just need to be concerned if you are echoing anything from your url. For example, you wouldn't want to print this to the browser: "controller/method/<scribt>alert('may I steal your cookie?')</scribt>". As long as you run the uri or it's segments through htmlspecialchars(), then you won't have a problem.

Kohana has actually done away with the allowed url characters restriction.


Messages In This Thread
What can happen if i use a loose URL chars restriction? - by El Forum - 08-19-2008, 03:55 PM
What can happen if i use a loose URL chars restriction? - by El Forum - 08-19-2008, 04:26 PM
What can happen if i use a loose URL chars restriction? - by El Forum - 08-20-2008, 12:09 AM
What can happen if i use a loose URL chars restriction? - by El Forum - 08-20-2008, 09:02 AM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.