Difference between revisions of "Common language specific pitfalls"
From NetSec
Revision as of 11:11, 2 December 2012
Common language-specific pitfalls:
PHP-specific pitfalls:
Remote and local file inclusion
Situationally bad sanitizing:
addslashes()
htmlspecialchars()
mysql_real_escape_string()
Perl-specific pitfalls:
Command injection with open()
Python-specific pitfalls:
urllib opens and follows file:// resource locations supplied in Location response headers
Ruby-specific pitfalls (eRuby and Rails):
attr_protected
CGI.escapeHTML()