iRule code injection / input validation
im wondering about code injection within irules. if the rule uses input which the user can determine there is some risk usually, but how well or bad do iRules / TCL handle this? could i for example escape an match class command and run code somehow or always pass an if statement if i don't do input validation (check if "bad characters" are used)?
does anyone protect their code against this, if so how?