Introduction to UTF-8
yn2011
December 27, 2018
Character codes / Unicode / UTF-8 decoding example / UTF-8 vulnerabilities
Transcript
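Introduction to UTF-8 2018/12/27 ほろよいてっく @yn2011
Self-introduction • A Salesforce and JavaScript person • Recent hobby: shell-gei (shell one-liners)
Topics • Character code basics • Overview of Unicode / UTF-8 • UTF-8 encoding/decoding • UTF-8 vulnerabilities
Character codes?
Distinguish a character code from a character encoding scheme
Character code (coded character set) • Defines the combination of bits that corresponds to each character • e.g. ASCII, JIS X 0208, Unicode
… Example of the Unicode character code table (excerpt). Quoted from Unicode一覧 3000-3FFF / Wikipedia
Character encoding scheme • A character encoding scheme is the set of rules for putting a character code to use • e.g. Unicode: UTF-8, UTF-16.. Example of UTF-8 (excerpt). Quoted from the UTF-8 character code table at ORANGE-FACTORY
Windows Notepad • Confusing (a classic)
Topics • Character code basics • Overview of Unicode / UTF-8 • UTF-8 encoding/decoding • UTF-8 vulnerabilities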
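UTF-8?
UTF-8 • UTF-8 is one of the character encoding schemes for the character code called Unicode. Quoted from UTF-8 / Wikipedia
Unicode • A character code that collects the characters of the whole world • Reduces the cost of multilingual support • Its main encoding schemes include UTF-8 and UTF-16. Quoted from Amazon, ユニコード戦記
Unicode. Quoted from 文字コード「超」研究 改訂第2版, p. 431
Unicode. Quoted from 文字コード「超」研究 改訂第2版, p. 430
UTF-8 • Unicode Transformation Format-8 • Input and output in 1-byte (8-bit) units • ASCII compatible • Variable-length code of 1 to 6 bytes
UTF-8. Quoted from UTF-8 / Wikipedia
UTF-8 Pros/Cons • Pros • For ASCII-centric data the size is almost the same (ASCII compatible) • Many kinds of characters (Unicode) • Cons • Kanji and hiragana take 3 bytes • An unnecessary BOM can end up being attached
Excel • Excel interprets a CSV file in UTF-8 without a BOM as Shift_JIS. UTF-8 with BOM / UTF-8 without BOM (interpreted as Shift_JIS)
Topics • Character code basics • Overview of Unicode / UTF-8 • UTF-8 encoding/decoding • UTF-8 vulnerabilities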
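Trying out UTF-8 decoding
(Example) Find the character that corresponds to 0xCE94
UTF-8 decoding rules (excerpt) • There are rules for up to 7 leading bits (omitted). Quoted from 文字コード「超」研究 改訂第2版, p. 448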
0xCE94 • 0xCE = 11001110 • 110xxxxx → xxxxx = 01110 • 0x94 = 10010100 • 10yyyyyy → yyyyyy = 010100 • xxxxxyyyyyy = 01110010100 • U+0394 = Δ
Redundant encoding • 0xC0 = 11000000 • 110xxxxx → xxxxx = 00000 • 0xAF = 10101111 • 10yyyyyy → yyyyyy = 101111 • 0xxx xxyy yyyy = 0000 0010 1111 • U+2F = /
Topics • Character code basics • Overview of Unicode / UTF-8 • UTF-8 encoding/decoding • UTF-8 vulnerabilities
Directory traversal • A vulnerability that allows access to files that were never meant to be reachable • ../../../../../../../../../etc/passwd • If only / = 0x2F is anticipated… • → 0xC0AF = / is accepted, which is dangerous
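The 0xCE94 walk-through and the 0xC0AF directory traversal slide above, as an added Python example that is not part of the original deck: a decoder built from the slides' bit rules, with a lenient mode that accepts the redundant form and a strict mode that rejects it. It assumes the 1 to 4 byte limit of RFC 3629 rather than the 1 to 6 byte scheme on the slides; the names `seq_len`, `decode`, `is_safe_name` and the `SAMPLE` bytes are constructed for illustration.

```python
# Added example, not from the original slides. Handles the 1-4 byte forms
# of RFC 3629 (an assumption; the slides describe the older 1-6 byte scheme).
MIN_CP = {1: 0x00, 2: 0x80, 3: 0x800, 4: 0x10000}  # smallest value per length

def seq_len(lead: int) -> int:
    """Sequence length announced by the lead byte's high bits."""
    if lead < 0x80:
        return 1                      # 0xxxxxxx
    for n, marker in ((2, 0b110), (3, 0b1110), (4, 0b11110)):
        if lead >> (7 - n) == marker:
            return n                  # 110xxxxx, 1110xxxx, 11110xxx
    raise ValueError(f"invalid lead byte 0x{lead:02X}")

def decode(data: bytes, strict: bool = True) -> str:
    """Decode with the slides' bit rules; strict=True also rejects
    overlong forms, surrogates and values above U+10FFFF."""
    out, i = [], 0
    while i < len(data):
        n = seq_len(data[i])
        chunk = data[i:i + n]
        if len(chunk) < n:
            raise ValueError("truncated sequence")
        cp = chunk[0] & (0x7F >> (n if n > 1 else 0))  # lead payload bits
        for b in chunk[1:]:
            if b >> 6 != 0b10:        # continuation bytes are 10yyyyyy
                raise ValueError(f"bad continuation byte 0x{b:02X}")
            cp = (cp << 6) | (b & 0x3F)
        if strict and cp < MIN_CP[n]:
            raise ValueError(f"overlong encoding of U+{cp:04X}")
        if strict and (0xD800 <= cp <= 0xDFFF or cp > 0x10FFFF):
            raise ValueError(f"U+{cp:04X} is not a valid scalar value")
        out.append(chr(cp))
        i += n
    return "".join(out)

def is_safe_name(raw: bytes) -> bool:
    """Check the path after strict decoding, never on the raw bytes."""
    try:
        name = decode(raw, strict=True)
    except ValueError:
        return False
    return "/" not in name and ".." not in name

# Constructed sample: the slides' 0xC0AF stands in for every '/'.
SAMPLE = b"..\xc0\xafetc\xc0\xafpasswd"
```

`SAMPLE` contains no 0x2F byte, so a raw-byte filter finds nothing, while `decode(SAMPLE, strict=False)` shows what a lenient decoder later hands to the file system.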
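On Salesforce… • Decode an arbitrary hexadecimal value as UTF-8 in Salesforce (Apex)
// Apex
System.debug(EncodingUtil.urlDecode('%e3%81%82', 'utf-8')); // あ
Reporting a suspected vulnerability
Summary • UTF-8 is one of the character encoding schemes for the character code called Unicode • An ASCII-compatible, variable-length code of 1 to 6 bytes • Watch out for BOMs and redundant encodings
Spend the New Year holidays with character codes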