Questions about this topic?
Sign up
to ask in the talk tab
.
Common language specific pitfalls
From NetSec
Jump to:
navigation
,
search
Contents
1
PHP specific pitfalls
1.1
File inclusion by remote and local
1.2
Situationally bad sanitizing
1.2.1
addslashes()
1.2.2
htmlspecialchars()
1.2.3
mysql_real_escape_string()
2
Perl specific pitfalls
2.1
Command injection with open()
3
Python specific pitfalls
3.1
Urllib opens/follows file:// resource location response headers (Python)
4
Ruby (eruby and rails) specific pitfalls
4.1
attr_protected
4.2
CGI.EscapeHTML()
PHP specific pitfalls
File inclusion by remote and local
Situationally bad sanitizing
addslashes()
htmlspecialchars()
mysql_real_escape_string()
Perl specific pitfalls
Command injection with open()
Python specific pitfalls
Urllib opens/follows file:// resource location response headers (Python)
Ruby (eruby and rails) specific pitfalls
attr_protected
CGI.EscapeHTML()
Category
:
Secure programming
Navigation menu
Views
Page
Discussion
View source
History
Personal tools
English
Log in
Request account
Wiki
Main page
The index
Contribute
Recent changes
Random page
Community
IRC Chat
@NetsecStaff
Requesting an account
Classes
Search
Tools
What links here
Related changes
Special pages
Permanent link
Page information
