Vulnerable Code
- In the code, the difference between default encoding and byte array produced during encoding causes undefined behavior for inputs
Secure Code
- The code explicitly specifies intended character encoding in the String constructor
04.Secure Coding Practices for Input Validation, EC-Council CASE JAVA
Vulnerable and Secure Code for Character Encoding
Cheng® 