whenever use filter
(&(initials=abc)(title=manager) ) this filter includes line feed.
executing filter string reports unbalanced parenthesis ldap error.
can 1 please out this, how handle line feeds? filters line feeds supported in ldap? invalid filter or can handled, maybe using escaping techinique?
are accepting filters user input , using directly input ldap queries? security reasons, advise against ever using unsanitized user input in way, regardless of target database. correct approach accept parameters user , dynamically build filters using parameters (note still need take escaping rules account prevent possible injection attacks. why should use tool build dynamnic filters, e.g. filter support included in spring ldap).
that said, particular problem should pretty easy solve: string.replace characters want remove filter before using it.
Comments
Post a Comment