
Null character inside tag

An old bug is worth more than two new ones?



I made an interesting discovery. It turns out that the string

<\0b>text</b>

(where \0 is the character with code 0) is interpreted by IE as a normal bold tag, with all the consequences. The same goes for <script>, <style> and other tags.



This in turn means that removing potentially dangerous elements with str_replace, preg_replace (PHP), s/<script/.../i (Perl, sed) and the replace() functions of other languages will not give the desired result.



The same applies to whitelist filtering, which may simply not count the sequence <\0b>text</b> as a tag.



Fortunately, Firefox, Opera and Safari do not think so. Developers, be careful when filtering user data!
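
An added example, not part of the original post: a pattern-based blacklist and a tag-matching whitelist both let the NUL-prefixed tags through unchanged, while a filter that strips control characters first and then escapes everything neutralises them. It is written in Python as one of the "other languages" the post mentions; the sample input, the whitelist contents and all function names are assumptions made for illustration.

```python
import html
import re

# Constructed sample input; "\x00" is the character with code 0 from the post.
SAMPLE = "<\x00script>alert(1)</script> and <\x00b>text</b>"

ALLOWED = {"b", "i", "em", "strong"}  # assumed whitelist
TAG_RE = re.compile(r"<(/?)([a-z][a-z0-9]*)\b[^>]*>", re.IGNORECASE)
# Control characters other than tab, LF and CR.
CONTROL_RE = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")


def naive_blacklist(text):
    """Remove <script ...> and </script> by pattern, as s/<script/.../i would."""
    return re.sub(r"</?script\b[^>]*>", "", text, flags=re.IGNORECASE)


def naive_whitelist(text):
    """Drop every recognised tag that is not in ALLOWED.

    A tag name must directly follow '<', so the NUL-prefixed form is
    never counted as a tag and is left in the output untouched.
    """
    def keep_or_drop(match):
        return match.group(0) if match.group(2).lower() in ALLOWED else ""
    return TAG_RE.sub(keep_or_drop, text)


def hardened(text):
    """Strip control characters first, escape everything, then re-enable
    only bare whitelisted tags (no attributes)."""
    cleaned = CONTROL_RE.sub("", text)
    escaped = html.escape(cleaned, quote=True)
    names = "|".join(sorted(ALLOWED))
    return re.sub(rf"&lt;(/?(?:{names}))&gt;", r"<\1>", escaped,
                  flags=re.IGNORECASE)


if __name__ == "__main__":
    for func in (naive_blacklist, naive_whitelist, hardened):
        print(f"{func.__name__:16} {func(SAMPLE)!r}")
```

The order matters: control characters are removed before any matching or escaping, so stripping them cannot reassemble a tag after the filter has already run.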

Source: https://habr.com/ru/post/57562/


