Jump to content
You are about to reply to a thread that has been inactive for 4874 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

Posted

Hey again guys,

So pretty much I have a llHTTPRequest script that works with a listen that checks to see if the username is registered; whether or not it is registered to the user's key. I've managed to get it all working but I managed to recreate some sort of breach/break by saying 'whateverusername&postdata=...'. Normally it validates the username through the PHP script but in this case, a user can inject post data and bypass it - potentially being malicious.

I assume that the string can be validated before it is passed to my web server (all & characters are to be removed), but is there any other security measures I should take that I could be unaware of? I'm familiar with mysql parameter binding and prepared statements to prevent SQL injection.

Posted

there should be more than a few php routines available online for sanitizing input... and you can validate the data length is less than the max that an LSL script can send (64k, 60k realistically) to squash any type of overflow attempts.

  • Like 1
Posted

I kicked myself after I found out about llEscapeURL and llUnescapeURL - it can be pretty much used for the same purpose as  bind_param() in php. So if someone types 'test&uhoh=100000' (say it's a game statistic), it'd actually be posted as 'test%26uhoh%3D100000'. The length validation was in place, but I was unaware of the overflow breach, thanks for the heads up!

You are about to reply to a thread that has been inactive for 4874 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...