[Mono-dev] MS/Mono incompatibility in System.Web.HttpRequest

Edward C. Eisenbrey nede at aliquant.com
Mon Feb 13 15:05:38 EST 2006

The input validation that occurs in the CheckString method in
/mcs/class/System.Web/System.Web/HttpRequest.cs is far more strict than
Microsoft's.  In this case, I would tend to say that Mono's validation
is safer, but it might be excessive.  After extensive testing, here is
the CheckString method that matches MS's version:

using System.Text.RegularExpressions;

static bool CheckString (string val)
	Regex regex = new Regex("<[a-zA-Z\\!]+");
	Match match = regex.Match(val);
	return match.Success;

More information about the Mono-devel-list mailing list