nion's blog
Entries tagged as w3c
Entries tagged as w3c
Related tags
faq
programming
web security
www
23c3
acpi
advertising
announce
c
cli
code
compiler
ctf
debian
documentation
feature
file system
flagseverywhere
functions
gcc
graphs
hacking
hacks
hardware
libacpi
libs
links
linux
news
noos
open source
openbox
optimization
patches
pidgin
random blurb
rant
release
releases
security
service
setup
software
stfl
stuff
testing
text mode
tools
wtf
yacpi
annouce
apache
april
awards
bill
block
browser
bugmenot
bugs
censorship
comics
comments
community
config
data mining
dilbert
dns
dotcom
email
errm?
fail
fail2ban
feed reader
fefe
filesharing
firefox
flame
flashsucks
flickr
fun
google
grml
heise
howto
knowledge
monitoring
netscape
newsbeuter
opera
phishing
php
piratebay
power
random thoughts
retailmenot
rss
scripts
sofware
spam
suhosin
tests
trackback
video
web
web 2.0
websites
wikipedia
xing
xss
youtube
characters to escape
Posted by
Nico Golde
in
Thursday, September 27. 2007
People often are not sure which characters they should escape to prevent for example common flaws in web applications.
Just stumbled over a list by the
w3c
in their
web security FAQ
.
&;`'\"|*?~<>^()[]{}$\n\r
you may also want to remove
null bytes
.
Comment (1)
-
Trackbacks (0)
Defined tags for this entry:
faq
,
programming
,
w3c
,
web security
,
www
Related entries by tags:
smpCTF 2010 quals writeups
gcc and printf/puts optimizations
warner bros + piratebay = love
(Page 1 of 1, totaling 1 entries)
Calendar
November '15
Mon
Tue
Wed
Thu
Fri
Sat
Sun
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
Quicksearch
Support
Follow @iamnion
=>my website
Recent Entries
E-Plus GSM privacy/TMSI allocation leak
Thursday, October 11 2012
Exploiting the Ubiquisys/SFR femtocell webserver (wsal/shttpd/mongoose/yassl embedded webserver)
Wednesday, August 3 2011
So what happened recently...
Wednesday, April 6 2011
Sunday, February 6 2011
exim remote vulnerability
Thursday, December 9 2010
Will my Phone Show An Unencrypted Connection?
Wednesday, September 8 2010
smpCTF 2010 quals writeups
Sunday, August 8 2010
protocol design fail: MMS notification
Wednesday, July 28 2010
acrobat reader stealing my passwords
Tuesday, June 29 2010
UnrealIRCd backdoored
Saturday, June 12 2010
Archives
November 2015
October 2015
September 2015
Recent...
Older...
Syndicate This Blog
RSS 0.91 feed
RSS 1.0 feed
RSS 2.0 feed
ATOM 0.3 feed
ATOM 1.0 feed
RSS 2.0 Comments
Categories
blogging
books
cats
debian
events
fun
google
gsm
hacks & code
linux
random blurb
s9y
software
university
web
All categories
Tag cloud
23c3
acpi
advertising
annouce
announce
april
argh
art
awards
bash
blogging
bugs
c
cli
code
conferences
config
configuration
data mining
debconf
debian
dell
dns
documentation
email
errm?
events
exploit
fail
fail2ban
filesharing
films
flame
fun
gcc
google
graphs
grml
gsm
hacking
hacks
hardware
heise
images
information
installation
internet
irc
knowledge
libacpi
links
linux
mobile phones
network
news
newsbeuter
omg
open source
opera
passwords
php
power
privacy
programming
qa
random blurb
rant
release
releases
rss
scripts
security
service
setup
shell
sms
software
spam
ssh
stfl
stuff
terminal
tests
text mode
tip
tips
tools
troubleshooting
unix
user
video
vim.editing
web
web 2.0
websites
wordpress
wtf
www
youtube
zsh