Open GoogleCodeExporter opened 9 years ago
The MySQL codec should ONLY escape single quotes, I agree.
Original comment by manico.james@gmail.com
on 28 Oct 2009 at 7:44
would this not be the same as the current ANSI encoding in the MySQLEncoder. It
is
currently only escaping the ' character. If that is what we want to do I will
resolve
this and commit the fix.
Original comment by chrisisbeef
on 29 Oct 2009 at 5:23
Original comment by chrisisbeef
on 2 Dec 2009 at 7:54
This was fixed a while ago - only ' should be encoded (to '')
Mikael Mechoulam, can you confirm this is fixed in the latest ESAPI release?
Original comment by manico.james@gmail.com
on 5 Dec 2009 at 12:33
Original comment by manico.james@gmail.com
on 5 Dec 2009 at 2:11
Original comment by manico.james@gmail.com
on 5 Dec 2009 at 2:12
Original comment by manico.james@gmail.com
on 5 Dec 2009 at 2:12
No, this was fixed just now in 1.4, still needs fixing in 2.1, discussing with
group
first.
Original comment by manico.james@gmail.com
on 5 Dec 2009 at 2:22
PS: Chris, yes, you are right - this is just switching the default "mode"
variable to 1
Original comment by manico.james@gmail.com
on 5 Dec 2009 at 2:23
Reassigned to Jim since he is working on Encoders at this time.
Original comment by chrisisbeef
on 5 Dec 2009 at 6:05
Original comment by manico.james@gmail.com
on 29 May 2012 at 3:23
Original comment by chrisisbeef
on 18 Sep 2014 at 4:28
Original issue reported on code.google.com by
Mikael.M...@gmail.com
on 24 Jul 2009 at 9:41