Re: Injection in mail()

..oO(moosus)

I do understand about code injection.

I guess the question was more "is it possible to inject onto 'string
message' parameter of the email function?

No. Injection requires a modification of header fields. In case of the
mail() function you have to take care of the 1st, 2nd and 4th parameter.

Micha
.

Relevant Pages

  • Re: Root Relative Path
    ... Unfortunately the tilde reference to the root doesn't help in my situation ... a string of HTML into the pages via a Literal control - so it's the browser ... >> desire to inject a different string per document. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Suggested Alternative Unicode Implementation (for Rudy+ misc others)
    ... compiler in order to determine the correct RTL code to inject. ... Are you really need to deal with ANSI strings in different codepage ... Just to substitute explicit string ...
    (borland.public.delphi.non-technical)
  • Re: map and join or inject?
    ... It has to do with the block you gave inject() and the definition of String.+. ... concatenated to str. ... The keywords there being "new String." ... And if we use that, we can get down to less objects than map, because we don't need the Array: ...
    (comp.lang.ruby)
  • Re: Spring injection with java annotation?
    ... I am wondering if I can use an annotation to inject property and avoid ...    private String firstname; ...
    (comp.lang.java.programmer)
  • Re: numbers of a record in an array
    ... For each e in cnt ... (which is a reference to the hash returned by "Hash.new"), ... can't convert String into Integer ... You need to "inject" a Hash back into the block on each iteration, ...
    (comp.lang.ruby)