Special character input validation


Fellows, I have an issue with some fields of my project. So I know that I have tried these fields with different special chars, and some of them are vulnerable. So the issue here is that some of these fields, like address and controller, need to be validated. I know these special fields need to be checked, but they also need to accept special chars.

So I researched the topic as I was asked before. The inputs are prone to XSS, SQL injection, XPath injection, and other kinds of injections. So this can lead to loss of integrity in both inputs, address and controller. In these cases I think the only special chars that they can accept are the ones related to that data: in the case of address the sign “#”, and in the case of the controller the “/” sign.

I think this is the proper way to handle these situations.
Thanks for your help
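The approach described in the post above, as an added example that is not part of the original thread: each field gets an allow-list that admits only the special character its data needs ("#" for address, "/" for controller), and the value is then stored through bound parameters and HTML-encoded on output. The field formats, the function names, the table name and the sample values are assumptions made for illustration.

```python
import html
import re
import sqlite3

# Assumed formats (the thread does not define them): an address is letters,
# digits, spaces and . , - plus '#'; a controller is a path of identifier
# segments separated by single '/' characters.
ALLOW_LISTS = {
    "address": re.compile(r"[A-Za-z0-9 .,#-]{1,100}"),
    "controller": re.compile(r"[A-Za-z0-9_]+(?:/[A-Za-z0-9_]+)*"),
}


def validate(field, value):
    """Return value if every character fits the field's allow-list."""
    if not ALLOW_LISTS[field].fullmatch(value):
        raise ValueError(f"invalid characters in {field}")
    return value


def is_accepted(field, value):
    """Boolean wrapper around validate() for quick checks."""
    try:
        validate(field, value)
        return True
    except ValueError:
        return False


def store_and_render(address, controller):
    """Validate, store with bound parameters, HTML-encode when rendering."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE site (address TEXT, controller TEXT)")
    # '?' placeholders keep the values out of the SQL text entirely.
    conn.execute(
        "INSERT INTO site VALUES (?, ?)",
        (validate("address", address), validate("controller", controller)),
    )
    row = conn.execute("SELECT address, controller FROM site").fetchone()
    conn.close()
    return "<td>{}</td><td>{}</td>".format(*(html.escape(v) for v in row))


if __name__ == "__main__":
    # Constructed sample values.
    print(store_and_render("Calle 10 #43-21", "admin/users"))
    print(is_accepted("address", "<script>alert(1)</script>"))
```

Validation alone is not what protects the query or the page here: the bound parameters and the output encoding do that, and the allow-list narrows what reaches them.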

Could you update the initial question with:

  • your previous research on the topic
  • your initial analysis and conclusions

Also, do you think that this behavior impacts Integrity? Why?

As was suggested before, I did the research. The fields have to have some level of protection. But in these special cases they must be accepted. In the case of # for example, it must be accepted and it doesn’t affect the integrity. In the case of the controllers, the slash also must be accepted.

I think in these fields the integrity is not affected, given the requirements of these fields.

I understand and agree. You could solve the topic.

1 Like

The idea of editing the question (initial post) is to reframe the question but not to remove it and then only have an answer in the initial post. Please work together to update this topic and have the appropriate sequence of questions and answers for future reference for new participants.

1 Like

As was asked before by blue-snot, I reframed the initial part of the question to have like a history of the entire topic. If it needs further editing, just ask me.
Thanks for your help