Canonicalization is simply the operation of reducing a possibly encoded string down to its simplest form.
This is important, because attackers frequently use encoding to change their input in a way that will bypass validation filters,
but still be interpreted properly by the target of the attack.
Note that data encoded more than once is not something that a normal user would generate and should be regarded as an attack.
Lucee Function Reference
canonicalize(string input,boolean restrictMultiple,boolean restrictMixed):string
The arguments for this function are set. You can not use other arguments except the following ones.
|input||string||Yes||the input string to encode|
|restrictMultiple||boolean||Yes||true if checking for multiple encoding is desired, false otherwise.|
|restrictMixed||boolean||Yes||true if checking for mixed encoding is desired, false otherwise|