Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API:解決關鍵字的查詢漏洞 #52

Open
anntsai2356 opened this issue Aug 9, 2019 · 3 comments
Open

API:解決關鍵字的查詢漏洞 #52

anntsai2356 opened this issue Aug 9, 2019 · 3 comments
Assignees
@anntsai2356
Labels
後端
Milestone
sprint 6

Comments

@anntsai2356
Copy link
Contributor

定義正常和不正常的輸入
@anntsai2356 anntsai2356 added this to the Sprint 4 milestone Aug 9, 2019
@anntsai2356 anntsai2356 self-assigned this Aug 9, 2019
@anntsai2356 anntsai2356 modified the milestones: Sprint 4, sprint 5 Aug 13, 2019
@anntsai2356
Copy link
Contributor Author

anntsai2356 commented Aug 13, 2019
edited
Loading

laravel sql injection
正規檢驗方法

@anntsai2356 anntsai2356 modified the milestones: sprint 5, sprint 6 Aug 22, 2019
@ssiyang
Copy link

ssiyang commented Sep 6, 2019

replace(/[\ |~|`|!|@|#|$|%|^|&|*|(|)|-|_|\ |=|||\|[|]|{|}|;|:|\”|\’|,|<|.|>|/|?]/g, ' ')
前端已加入正規檢測,會將符號替換掉

@anntsai2356
Copy link
Contributor Author

確認可以擋下符號,但後端也要做

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@anntsai2356 anntsai2356

Labels
後端
Projects
None yet
Milestone
sprint 6
Development

No branches or pull requests
2 participants
@anntsai2356 @ssiyang