|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: RE: Canonicalization
jovan.burd
yahoo.com
Date: Thu Apr 13 2006 - 00:29:19 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Yes. All kinds of encoding must be decoded to simplest format.
Absence of Canonicalization might lead to a security flaw like SQL injection.
Lots of SQL injection takes place because the programmer of a web application has forgotten to convert a single quote (') to two single-quotes ('').
-------------------------------------------------------------------------
This List Sponsored by: SPI Dynamics
ALERT: "How A Hacker Launches A Web Application Attack!"
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world
examples of recent hacking methods such as: SQL Injection, Cross Site
Scripting and Parameter Manipulation
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]