This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Talk:Preventing LDAP Injection in Java"

From OWASP
Jump to: navigation, search
(No difference)

Revision as of 11:23, 11 September 2006

Question - would it be better to encode using a whitelist approach? I.e. encode everything that is not in a limited set of safe characters? Jeff Williams - 11:54, 14 August 2006 (EDT)

My only concern with that approach is that we'll be breaking the spec- some LDAP implementations may not handle escaped characters that are not meta-characters properly. Stephendv 07:23, 11 September 2006 (EDT)

Retrieved from "https://wiki.owasp.org/index.php?title=Talk:Preventing_LDAP_Injection_in_Java&oldid=9604"