摘要 |
<p>Techniques are disclosed for enhancing the security of a web application by using input filtering. An input filter may be configured to process untrusted input data, character by character, and to replace certain characters in text-based input with visually similar characters. This approach may be used to block a specified list of“triggering”characters as they come in and replace them with characters similar in appearance but without the syntactic meaning that triggers an attack or otherwise exploits a vulnerability in a web-application.</p> |