For my next book, I’m trying to develop a reasonably comprehensive list of technologies which are potentially vulnerable to injection attacks. SQL injection is the most common, but there are of course many others. So far here are the ones I’ve got. What else am I missing?
I’ve been so busy with writing lately that I haven’t had a lot of time to bird. However, yesterday I took a couple of hours for a spin around Prospect Park. I felt like I was playing hooky, and that I should really be writing instead. (I’ve got a looming deadline for March 15.) Nothing too surprising, 30 species total including my first King’s County Common Merganser for the year:
(more…)
I was debugging some problems quoting a piece of a Google Doc article when I noticed something funny in their HTML source, an apparent string bogon. For example:
<pre> List<String><string> ls = ... ;<br/> Collections.sort(ls, new Comparator<String>() {<br/> public int compare(String s1, String s2) {<br/> return s1.length() - s2.length();<br/> }<br/> });<br/></string></pre>
In context, I think this is really a tag, not a badly escaped piece of the source document. A little googling didn’t find any information about it. I’m fairly sure this was never a real HTML tag or a browser extension, though I could have missed one somewhere. Can anyone shed some light on this?
(more…)
You are currently browsing the Mokka mit Schlag weblog archives for February, 2007.