Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
How to implement URL validation in application development for Windows XP or for Windows Server 2003
Article ID: 943522 - View products that this article applies to.
This article contains guidance for software developers who want to implement URL validation in applications for Windows XP or for Windows Server 2003. Specifically, this article discusses what an application must do to validate URLs before passing them to Windows for execution.
The Windows Shell32 ShellExecute function enables applications to pass URLs. Applications must be carefully designed based on the threat environment. This is true for any program that uses URL handling to accept untrusted data.
Before passing URLs that will be executed by Windows Shell32, an application should do the following:
Article ID: 943522 - Last Review: October 16, 2007 - Revision: 1.2