Questions about this topic? Sign up to ask in the talk tab.

Common language specific pitfalls

From NetSec
Revision as of 11:11, 2 December 2012 by JtRIPper (Talk | contribs) (Created page with "Common language-specific pitfalls: PHP specific pitfalls: File inclusion by remote and local Situationally bad sanitizing: addslashes() htmlspecialchars() ...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Common language-specific pitfalls:

 PHP specific pitfalls:
   File inclusion by remote and local 
   Situationally bad sanitizing:
    addslashes()
    htmlspecialchars()
    mysql_real_escape_string()
 Perl specific pitfalls:
   Command injection with open()      
 Python specific pitfalls:
   Urllib opens/follows file:// resource location response headers   (Python)
 Ruby (eruby and rails) specific pitfalls:
   attr_protected
   CGI.EscapeHTML()