【发布时间】:2014-12-14 22:33:14
【问题描述】:
如何使用StringEscapeUtils 类来保护代码免受 LDAP 注入漏洞的影响?
我该如何逃脱searchBase、searchMask、scontrols?
try {
do {
NamingEnumeration<SearchResult> answer = null;
try {
answer = ctx.search(searchBase, searchMask, scontrols);
printSearchEnumeration(answer);
if (maxSize == 0)
exceedLimit = false;
else {
if (list.size() >= maxSize)
【问题讨论】:
标签: java security ldap code-injection