The Forgotten Single Quote

This blog post describes something very trivial with very serious side effects: many commonly used string escaping libraries do not properly escape the single quote (U+0027), which creates the potential for cross-site scripting.
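The gap is easiest to see when escaped text lands in an attribute delimited by single quotes. The following is an added example, not code from the original post or from any library it refers to; the two escaper functions, the template and the sample input are constructed assumptions.

```javascript
// Constructed escaper modelling the gap described above: it handles & < > "
// but leaves the single quote (U+0027) untouched. Hypothetical, not a real library.
function escapeWithoutApostrophe(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;");
}

// Hardened form: the same rules plus U+0027 -> &#39;
function escapeWithApostrophe(s) {
  return escapeWithoutApostrophe(s).replace(/'/g, "&#39;");
}

// Assumed template: the attribute value is delimited with single quotes.
function renderInput(value, escaper) {
  return "<input type='text' value='" + escaper(value) + "'>";
}

// Minimal attribute lister for the tag renderInput emits. It returns the
// attribute names in order, so an unexpected extra name shows that the
// value terminated its own quotes and spilled into the tag.
function attributeNames(tag) {
  const names = [];
  const re = /([^\s"'<>\/=]+)\s*=\s*(?:'[^']*'|"[^"]*"|[^\s"'<>]+)/g;
  const inner = tag.replace(/^<\w+/, "").replace(/>$/, "");
  let m;
  while ((m = re.exec(inner)) !== null) names.push(m[1]);
  return names;
}

// Constructed input: a name containing U+0027 followed by attribute-like text.
const sample = "O'Brien' data-injected='1";

function demo() {
  return {
    weak: attributeNames(renderInput(sample, escapeWithoutApostrophe)),
    hardened: attributeNames(renderInput(sample, escapeWithApostrophe)),
  };
}

console.log(demo());
```

With the first escaper the tag gains a third attribute that came from user input; with the second, the whole input stays inside `value`.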
