Re: [PhillyOnRails] How To needed -- testing for header injection

Cliff Moon on 27 Nov 2006 16:03:27 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PhillyOnRails] How To needed -- testing for header injection

From: Cliff Moon <cliff@chariotsolutions.com>

To: talk@phillyonrails.org

Subject: Re: [PhillyOnRails] How To needed -- testing for header injection

Date: Mon, 27 Nov 2006 11:02:40 -0500

List-archive: <http://lists.phillyonrails.org/pipermail/talk>

Reply-to: talk@phillyonrails.org

Sender: talk-bounces@phillyonrails.org

User-agent: Thunderbird 1.5.0.8 (Windows/20061025)

You can test it out using the tamper data plugin for firefox: https://addons.mozilla.org/firefox/966/ Walter Lee Davis wrote: > I have a form that I just noticed was sending some spam mail. I > hardened its inputs, replacing all instances of \n,\r, and \t with ?, > and I haven't seen any more attempts coming through it. But I would > like to check. I was there in October, and recall Cliff Moon doing > something tricky along these lines. Can anyone remind me of the right > way to test this? > > Thanks, > > Walter > > _______________________________________________ > To unsubscribe or change your settings, visit: > http://lists.phillyonrails.org/mailman/listinfo/talk > > _______________________________________________ To unsubscribe or change your settings, visit: http://lists.phillyonrails.org/mailman/listinfo/talk

References:

[PhillyOnRails] How To needed -- testing for header injection
From: Walter Lee Davis <waltd@wdstudio.com>

Prev by Date: [PhillyOnRails] How To needed -- testing for header injection

Next by Date: [PhillyOnRails] [Fwd: [PLUG] Request for speaker(s) at the 6 Dec 2006 PLUG meeting]

Previous by thread: [PhillyOnRails] How To needed -- testing for header injection

Next by thread: [PhillyOnRails] [Fwd: [PLUG] Request for speaker(s) at the 6 Dec 2006 PLUG meeting]

Index(es):

Date

Thread