unicode character sanitization blacklist

What Unicode characters are dangerous?

What Unicode characters (more precisely codepoints) are dangerous and should be blacklisted and prohibited for the users to use? I know that BIDI override characters and the "zero width space" are very prone to make problems, but what others are there?

Thanks

Solution

Characters aren’t dangerous: only inappropriate uses of them are.

You might consider reading things like:

Unicode Standard Annex #31: Unicode Identifier and Pattern Syntax
RFC 3454: Preparation of Internationalized Strings (“stringprep”)

It is impossible to guess what you mean by dangerous.

How can I display a character above U+FFFF?
Converting unicode string to utf-8
Katakana character in Java displaying as '?' in Visual Studio Code
Converting accented characters in varchar() to XML causing "illegal XML character"
Validate a potentially multibyte string to have a minimum length and contain only whitelisted characters
Strange characters instead national letters using Unicode in WinAPI
Unicode First, Previous, Next, and Last
Displaying Unicode in PowerShell
Issue when converting utf16 wide std::wstring to utf8 narrow std::string for rare characters
Where can I a mapping of Identity-H encoded characters to ASCII or Unicode characters?
Background not visible behind the "whitespace" of a Unicode Character
How do I save my file in UTF-16 LE encoding without BOM in VS2015?
String length in bytes in JavaScript
How do I convert Unicode to emoji in JavaScript?
How to convert a string to a sequence of integers corresponding to the Unicode code points, and vice versa?
Why does Python3 get a UnicodeDecodeError reading a text file where Python2 does not?
HTML5 page language, direction and encoding
What is the difference between UTF-8 and Unicode?
ColdFusion cfmail special characters in subject line
How to import a file to MongoDB with escaped unicode sequences?
How do I encode/decode UTF-16LE byte arrays with a BOM?
Remove zero width space unicode character from Python string
Fixing broken UTF-8 encoding
Unexpected result when converting UNICODE to UTF-8 with ICU
Using StreamWriter to write to file a C# string with accented letters using ISO-8859-1 encoding
How to ignore space in Sound Mark during Unicode Composition/Decomposition in Japanese text?
Convert unicode string into NFC in Rust
Apostrophe in text not being matched by my regex character class which contains an apostrophe
How to match none-ascii letters in latin1_swedish_ci charset?
Why are accented/unicode characters which are listed in the negated character class being matched by the regex?