FUDforum - خوراک RDF
http://fudforum.org/forum/index.php
Cleaning of Entered data / "Invalid Encoding Attack"
http://fudforum.org/forum/index.phpindex.php?t=rview&goto=187500&th=123932#msg_187500
Someone was saying similar things can happen also in phpBB
]]>alopezie2018-06-30T20:10:20-00:00Re: Cleaning of Entered data / "Invalid Encoding Attack"
http://fudforum.org/forum/index.phpindex.php?t=rview&goto=187501&th=123932#msg_187501
Can your specialist maybe help with a patch?
]]>naudefj2018-07-01T07:25:51-00:00Aw: Re: Cleaning of Entered data / "Invalid Encoding Attack"
http://fudforum.org/forum/index.phpindex.php?t=rview&goto=187502&th=123932#msg_187502
Also see the nice german logo in the message box.
To prevent this I guess it would require just to add the php function "mb_check_encoding" in any data entry ....]]>alopezie2018-07-01T07:32:04-00:00Re: Aw: Re: Cleaning of Entered data / "Invalid Encoding Attack"
http://fudforum.org/forum/index.phpindex.php?t=rview&goto=187503&th=123932#msg_187503
We can add it to check_post_form() in postcheck.int.t.
Can you assist with a patch?]]>naudefj2018-07-01T08:00:30-00:00Aw: Re: Aw: Re: Cleaning of Entered data / "Invalid Encoding Attack"
http://fudforum.org/forum/index.phpindex.php?t=rview&goto=187504&th=123932#msg_187504
But will send him the source code and ask him for help]]>alopezie2018-07-01T08:11:53-00:00Aw: Re: Aw: Re: Cleaning of Entered data / "Invalid Encoding Attack"
http://fudforum.org/forum/index.phpindex.php?t=rview&goto=187507&th=123932#msg_187507
Zitat:
Hello, I have checked this and would let that go!
Unfortunately, these are all valid special characters, which also occur in the UTF-8 character set.
The bad guys here are the ones here: Thai์๋lä์์๋n์๋der, who can make several ์๋๋์๋๋๋๋๋, but unfortunately there is no clear pattern here that could be used to filter.
Okay, this is not a security problem, so we may stay "as-is" for the moment - in case it becomes a flood we have to recheck]]>alopezie2018-07-02T06:44:44-00:00Re: Aw: Re: Aw: Re: Cleaning of Entered data / "Invalid Encoding Attack"
http://fudforum.org/forum/index.phpindex.php?t=rview&goto=187508&th=123932#msg_187508
Ban the buggers that post crap on your forum.]]>naudefj2018-07-02T06:47:50-00:00