[Tutor] Tainted characters and CGI

Tim Johnson tim at johnsons-web.com
Mon Oct 31 23:57:10 CET 2005

* Ron Weidner <xecronix at yahoo.com> [051031 12:38]:
> --- Tim Johnson <tim at johnsons-web.com> wrote:
> > Hello:
> > I need to tighten my handling of CGI transmissions.
> > I particular, I need to develop a strategy of safely
> > dealing with "tainted" characters.
> Ahh... tainted characters.  If by "tainted" you mean
> not UTF-8, there is a c tool called "iconv" that fixes
> "tainted" characters.  I believe Python has a wrapper,
> but I didn't check before sending this e-mail.  Good
> luck and please write back if you implement a working
> solution.
  Now that's serendipity for ya. I wasn't thinking about
  none-UTF-8 characters, but that's a good thread to
  investigate also.

  Actually, google gives me a thread


  regarding handling of characters passed from a CGI post
  that could be exploited by malicious hacking.


Tim Johnson <tim at johnsons-web.com>

More information about the Tutor mailing list