Invisible characters must be specified to be visible in security-sensitive situations
Oren Watson via Unicode
unicode at unicode.org
Thu Feb 15 16:33:12 CST 2018
https://securelist.com/zero-day-vulnerability-in-telegram/83800/
You could disallow these characters in filenames, but when filename
handling is charset-agnostic due to the extended-ascii principle this is
impractical. I think a better solution is to specify a visible form of
these characters to be used (e.g. through otf font variants) when security
is of importance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://unicode.org/pipermail/unicode/attachments/20180215/2e712077/attachment.html>
More information about the Unicode
mailing list