Am 21.06.2011 17:55, schrieb Tomas Kuliavas:
> They submit it in utf-8 only if your html form allows them to do that or > they don't follow html specification and try to exploit your form. Set > form input charset to iso-8859-1 and your nbspace will take only one byte. and this naive attitude is the root of most security problems! why do you believe that every client submission is coming over your form or generally over anything you can control?
signature.asc
Description: OpenPGP digital signature
