如何在 C# 中转义字符串，以用于 LDAP 查询

更新时间：2021-12-15 05:30:34

以下是我从Sophia提到的Java代码翻译成C#.

The following is my translation from the Java code mentioned by Sophia into C#.

/// <summary>
/// Escapes the LDAP search filter to prevent LDAP injection attacks.
/// </summary>
/// <param name="searchFilter">The search filter.</param>
/// <see cref="https://blogs.oracle.com/shankar/entry/what_is_ldap_injection" />
/// <see cref="http://msdn.microsoft.com/en-us/library/aa746475.aspx" />
/// <returns>The escaped search filter.</returns>
private static string EscapeLdapSearchFilter(string searchFilter)
{
    StringBuilder escape = new StringBuilder(); // If using JDK >= 1.5 consider using StringBuilder
    for (int i = 0; i < searchFilter.Length; ++i)
    {
        char current = searchFilter[i];
        switch (current)
        {
            case '\':
                escape.Append(@"5c");
                break;
            case '*':
                escape.Append(@"2a");
                break;
            case '(':
                escape.Append(@"28");
                break;
            case ')':
                escape.Append(@"29");
                break;
            case 'u0000':
                escape.Append(@" 0");
                break;
            case '/':
                escape.Append(@"2f");
                break;
            default:
                escape.Append(current);
                break;
        }
    }

    return escape.ToString();
}

上一篇 : ：Python比特流实现下一篇 : Ruby字符串转义字符

如何在 C# 中转义字符串，以用于 LDAP 查询

相关阅读

技术问答最新文章