Skip to Main Content
Secure Development for Mobile Apps
book

Secure Development for Mobile Apps

by J. D. Glaser
October 2014
Intermediate to advanced content levelIntermediate to advanced
472 pages
10h 44m
English
Auerbach Publications
Content preview from Secure Development for Mobile Apps
293
16
Secure clIent Server
forM vAlIdAtIon
PHP UTF-8 Input Validation
Server UTF-8 Validation
Even though the client browser has been told to send valid UTF-8 characters with
header('Content-Type: text/html; charset = utf-8'),
the server still needs to verify the character set to account for any cases where invalid
characters have either accidently or maliciously been sent.
One way to validate whether incoming strings contain valid UTF-8 is:
$utf8 = mb_detect_encoding($string, "UTF-8");
if ($utf8 ! = 'UTF-8')
{
header("Location: $LOGIN");
exit(0;
}
is process only checks the data and stops processing the script if invalid characters
are detected. It does not attempt to correct or remove invalid characters.
An alternative but potentially unsafe method is ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Developing with Web Standards

Developing with Web Standards

John Allsopp
Mobile Cloud Computing

Mobile Cloud Computing

Dijiang Huang, Huijun Wu

Publisher Resources

ISBN: 9781482209037