WebApp Sec mailing list archives
Re: Lazy sanitizing of data for SQL queries
From: "Sverre H. Huseby" <shh () thathost com>
Date: Fri, 24 Jan 2003 21:31:03 +0100
[HarryM]

| Perhaps a good way of lazily sanitising data to be inserted into
| an SQL query would be to Base64 encode it? [...] Can anyone see a
| problem with this idea?

Yes. What would you do for columns that were not textual?

Sverre.

--
shh () thathost com Computer Geek? Try my Nerd Quiz
http://shh.thathost.com/ http://nerdquiz.thathost.com/