Loading…
AppSec Europe 2018 has ended
                                                                                    ***Content is subject to change.***
View analytic
Thursday, July 5 • 10:15am - 11:00am
Unicode: The hero or villain? Input Validation of free-form Unicode text in Web Applications LIMITED

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Limited Capacity seats available

The most difficult fields to validate are so called free text fields", as the most frequent stereotype of web application input valiation goes, becomes even more complicated when the free text contains multi-language Unicode. Unicode is indeed complicated and tricky to get right on the first try, but for application defenders it's actually a great tool to get the input validation right. This talk will clear misconceptions about Unicode input validation, explain what Unicode normalization, canonicalization and character classes are, and how these can be used to make your input validation bulletproof rather than cause head aches.



Speakers
avatar for Paweł Krawczyk

Paweł Krawczyk

Senior Application Security Consultant, Kainos
Throught the years of architecting application security programs for Aon, Goldman Sachs, HSBC and others, I've been mostly interfacing between techies and senior management, while still being an active developer and hands-on infosec consultant.


Thursday July 5, 2018 10:15am - 11:00am
St James - 4th Floor QEII Centre Broad Sanctuary, Westminster, London. SW1P 3EE

Attendees (26)