Email Injections
July 11, 2006 by sahid
A secure contact form
Email injection consists of modifying the header of the email being sent, which makes it possible to send unsolicited mail, or more simply "spam", from your web server.
Protecting yourself
In fact it is fairly simple: you just need to filter the data entered in the form adequately, for example by removing all HTML tags and the like.
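As an added example (not code from the original post), the sketch below shows the filtering step for the header fields of a contact form: the characters that let a form value modify the mail header are carriage return and line feed, so they are rejected before any header is built. The function names, the sample input and the example.org addresses are assumptions made for this illustration.

```python
import re
from email.message import EmailMessage

# Constructed sample: a "subject" field whose CRLF ends the Subject header
# and starts a second header line.
INJECTED_SUBJECT = "Hello\r\nBcc: third-party@example.org"

_CTRL = re.compile(r"[\x00-\x1f\x7f]")  # CR, LF and other control characters
_ADDR = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def naive_headers(sender, subject):
    """Vulnerable pattern: form values concatenated straight into headers."""
    return f"From: {sender}\r\nSubject: {subject}\r\n"


def header_names(raw):
    """Header names a mail server would read from a raw header block."""
    return [line.split(":", 1)[0] for line in raw.split("\r\n") if ":" in line]


def clean_header_value(value, max_len=200):
    """Reject, rather than repair, a value that could break out of a header."""
    if _CTRL.search(value) or len(value) > max_len:
        raise ValueError("illegal character or length in header field")
    return value.strip()


def build_contact_mail(sender, subject, body,
                       recipient="webmaster@example.org"):
    """Hardened form handler: validated headers, fixed recipient."""
    sender = clean_header_value(sender)
    if not _ADDR.match(sender):
        raise ValueError("invalid sender address")
    msg = EmailMessage()
    msg["From"] = recipient        # the site's own address, never form input
    msg["To"] = recipient          # recipient is fixed server-side
    msg["Reply-To"] = sender       # the visitor only appears here
    msg["Subject"] = clean_header_value(subject)
    msg.set_content(body)          # free text belongs in the body only
    return msg


if __name__ == "__main__":
    print(header_names(naive_headers("visitor@example.org", INJECTED_SUBJECT)))
    try:
        build_contact_mail("visitor@example.org", INJECTED_SUBJECT, "Hi")
    except ValueError as exc:
        print("rejected:", exc)
```
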
July 11, 2006 at 20:12
And how should one do that?
July 15, 2006 at 16:59
It will depend on the language you use, but you need to make sure to clean all the values submitted by the form before processing them.