h1pmnh
commented
1 month ago Thanks for asking! Anyone can block single quotes by adjusting the character filters so there's no need to add a custom function for that.
Maybe describe here a specific example of the kind of injection you're thinking about?
Hi since u asked contributors to create an issue before sending a PR, I would like to make some fragmented sqli scenarios for the quoted challs if you're ok with that! I'll probably make them into separate files with a custom function to blacklist single quotes.