Name: Unicode: The hero or villain? Input Validation of free-form Unicode text in Web Applications
Start: 2018-07-05T10:15:00+0100
End: 2018-07-05T11:00:00+0100

***Content is subject to change.***

Back To Schedule

Unicode: The hero or villain? Input Validation of free-form Unicode text in Web Applications LIMITED

Feedback form is now closed.

Limited Capacity seats available

The most difficult fields to validate are so called free text fields", as the most frequent stereotype of web application input valiation goes, becomes even more complicated when the free text contains multi-language Unicode. Unicode is indeed complicated and tricky to get right on the first try, but for application defenders it's actually a great tool to get the input validation right. This talk will clear misconceptions about Unicode input validation, explain what Unicode normalization, canonicalization and character classes are, and how these can be used to make your input validation bulletproof rather than cause head aches.

Speakers

Paweł Krawczyk

Owner, Krawczyk Industries Limited

Throught the years of architecting application security programs for Aon, Goldman Sachs, HSBC and others, I've been mostly interfacing between techies and senior management, while still being an active developer and hands-on infosec consultant.

Thursday July 5, 2018 10:15am - 11:00am BST
St James - 4th Floor QEII Centre Broad Sanctuary, Westminster, London. SW1P 3EE

Developer

Host Organization OWASP Foundation

AppSec Europe 2018

Paweł Krawczyk

Attendees (26)

AppSec Europe 2018

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Paweł Krawczyk

Attendees (26)