[Mono-dev] MS/Mono incompatibility in System.Web.HttpRequest
Edward C. Eisenbrey
nede at aliquant.com
Mon Feb 13 15:05:38 EST 2006
The input validation that occurs in the CheckString method in
/mcs/class/System.Web/System.Web/HttpRequest.cs is far more strict than
Microsoft's. In this case, I would tend to say that Mono's validation
is safer, but it might be excessive. After extensive testing, here is
the CheckString method that matches MS's version:
using System.Text.RegularExpressions;
static bool CheckString (string val)
{
Regex regex = new Regex("<[a-zA-Z\\!]+");
Match match = regex.Match(val);
return match.Success;
}
More information about the Mono-devel-list
mailing list