|
| High bit characters and site internationalization (I18N) |
 |
Wed, 2 Apr 2008 15:56:10 +0000 |
I am developing an I18N site which supports multiple languages. Based on user
language prefs the site displays correctly in all supported languages. Users of
the system also have the ability to enter special characters of some of my
forms. These include the extended ASCII chars above 127.
Is there any factual evidence that this poses a security risk to my IIS 6
deployment? I know in the early days of IIS, there were issues with special
chars, escape sequences and the like. There were known attaches. But how can
passing an encoded URL with high bit chars in the querystring pose a threat.
Many, many sites implement I18N these days. If a threat does exist, can anyone
share some insite as to how form data should be passed (via HTTP) including
extended ascii codes?
Thanks
|
| Post Reply
|
|
|
|
|
|
|
|
|
|