Depends…how well written the form is. Often stuff like this is pushed to libraries who have covered all the gotchas but you have to be careful not to get into dependency hell. Understand where to use them and not. For example don’t use left_pad but also don’t make your own encryption.
How easy is it to allow new lines,very easy. The important part is only accepting new lines e.g. /r/n a well made form can include extra functions but anything not defined should be denied.
Also consider you likely should not accept a username with a semi-colon in it…
Is it easy for a good developer to allow new lines without any extra security risk exposure?
Sometimes e.g. a government form will remove new lines, though perhaps sometime they intend to reduce length.
Depends…how well written the form is. Often stuff like this is pushed to libraries who have covered all the gotchas but you have to be careful not to get into dependency hell. Understand where to use them and not. For example don’t use left_pad but also don’t make your own encryption.
How easy is it to allow new lines,very easy. The important part is only accepting new lines e.g. /r/n a well made form can include extra functions but anything not defined should be denied.
Also consider you likely should not accept a username with a semi-colon in it…