directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <elecha...@apache.org>
Subject Re: Problems with preventing LDAP injection
Date Tue, 29 Sep 2009 16:16:23 GMT
satish gutta wrote:
> To prevent attacks we scan our LDAP queries for special characters and
> replace them with respective unicode values,
>
> we use the following code
>
>   
Is the filter you are processing the internal part if the filter ? (ie, 
if the LDAP filter is something like (at=<internal part>), with 
<internal part> being "(g*")

Is it on ADS 1.5.4 ?

-- 
--
cordialement, regards,
Emmanuel L├ęcharny
www.iktek.com
directory.apache.org



Mime
View raw message