C validating filename updating bios flash
I am still fairly new to C , so my trouble could just be an oversight.Here is the output I get.------ Build started: Project: Is Valid File Name Test, Configuration: Debug Win32 ------Compiling...If stopping XSS was a simple as finding a magic regex, a lot of us would be out of jobs.
Imagine trying to authenticate a user nameed "Foo'or True Or'foo" — no "dangerous" characters, but there goes your login scheme.
If all you're doing is reading and writing to the db, then properly parameterizing queries should take care of the problem.
You must be careful when making access decisions for a file.
Taking relative pathnames and links into account, it is possible for multiple filenames to refer to the same file.
I'll try to give a proper answer myself: The only punctuations that should be allowed in a name are full stop, apostrophe and hyphen. This would sum up to this regex: Sorry, you're still going to leave valid names out in the cold. Hi John, the regex does support diacritics (arabic is also in the test cases) with the \p. in your example those would be "John W." (or "John" and "W.") and "Saunders". But even then, using a regex will only guarantee that the input matches the regex, it will not tell you that it is a valid name EDIT after clarifying that this is trying to prevent XSS: A regex on a name field is obviously not going to stop XSS on it's own.