To fuck with computers that don’t know how to do UTF8, add a few emoji.
I once set a WiFi ssid to 🌻 and I was amazed at how much problems that likely caused. I had people showing me their network manager was dumping random characters. Some other routers web interfaces became corrupted when trying to show the neighborhood. Some clients refused to connect. Even a bsod on a windows XP box.
You just need to ensure you validate character by character (NOT byte by byte) and allow characters in the Emoji Unicode ranges. It’s well-defined in the Unicode standard. Using a library is a great idea though.
I’m currently in a project where the client has a custom, but not entirely consistent or known subset of utf-8.
They want us to keep the form content as it is, but remove the “bad” characters. Our current approach is to just forward everything as it is and wait for someone to complain. How TF am I supposed to remove a character without changing the message?
Yeah I had a backend with poor support for anything that wasn’t ASCII. So my solution was turning everything into hex before storing it. I wonder if people are still using it.
Yeah I had a backend with poor support for anything that wasn’t ASCII
PHP is like this. Poor Unicode support, but it treats strings as raw bytes so it usually works well enough. It turns out a programming language can take data from a form, save it to a database, then later load and render it, without having to know what those bytes actually mean, as long as the app or browser knows it’s UTF-8, for example through a Content-Type header or meta tag.
The tricky thing is the all the standard string manipulation functions (strlen, substr, etc) don’t handle Unicode properly at all and they deal with number of bytes rather than number of characters. You need to use the “multibyte” (Unicode-ready) equivalents like mb_substr, but a lot of PHP developers forget to do this and end up with string truncation code that cuts UTF-8 characters in half (e.g.if it’s truncating a long title with Emoji in it, it might cut off the title in the middle of the three bytes that represent the Emoji and only leave 1 or 2 of them)
I once set a WiFi ssid to 🌻 and I was amazed at how much problems that likely caused. I had people showing me their network manager was dumping random characters. Some other routers web interfaces became corrupted when trying to show the neighborhood. Some clients refused to connect. Even a bsod on a windows XP box.
They called it “The Sunflower Incident.”
I had a ton of trouble with an apostrophe in my SSID until I realized that was the cause.
One of my projects was validation for form submission and emojis melted me. I gave up trying to do it from scratch and trusted a library.
You just need to ensure you validate character by character (NOT byte by byte) and allow characters in the Emoji Unicode ranges. It’s well-defined in the Unicode standard. Using a library is a great idea though.
I’m currently in a project where the client has a custom, but not entirely consistent or known subset of utf-8.
They want us to keep the form content as it is, but remove the “bad” characters. Our current approach is to just forward everything as it is and wait for someone to complain. How TF am I supposed to remove a character without changing the message?
Yeah I had a backend with poor support for anything that wasn’t ASCII. So my solution was turning everything into hex before storing it. I wonder if people are still using it.
PHP is like this. Poor Unicode support, but it treats strings as raw bytes so it usually works well enough. It turns out a programming language can take data from a form, save it to a database, then later load and render it, without having to know what those bytes actually mean, as long as the app or browser knows it’s UTF-8, for example through a Content-Type header or meta tag.
The tricky thing is the all the standard string manipulation functions (
strlen,substr, etc) don’t handle Unicode properly at all and they deal with number of bytes rather than number of characters. You need to use the “multibyte” (Unicode-ready) equivalents likemb_substr, but a lot of PHP developers forget to do this and end up with string truncation code that cuts UTF-8 characters in half (e.g.if it’s truncating a long title with Emoji in it, it might cut off the title in the middle of the three bytes that represent the Emoji and only leave 1 or 2 of them)Why not simply discard them?
I had an emoji in my phone hotspot a while ago. Unfortunately I had to remove it after a while because some devices refused to connect.
Fun fact: SSIDs are just bytes. They don’t need to he any kind of UTF compliant. You can use a set of unprintable characters
Is there a character limit? Can it be the binary for DOOM?
64 characters long is wifi spec IIRC but some routers don’t follow spec, wouldnt go higher than 60. Idk if this helps answer your question.
32 bytes. 31 if you want to end the name in a \0 byte to not completely break IoT devices and the like.
You can have as many SSIDs as you want, of course. So you could spam a million SSIDs and have a piece of software decode them.
I believe it’s 32 bytes, but it depends on the AP, some use a null terminator as the final byte.
Great success!