Is there a way through the .NET Framework or some other package to sanitize strings so that they can be safely used in SOSL? Is there any larger standard that SOSL falls under?
I was able to find "How to pass a variable to the SOQL where clause?" and "Escaping reserved characters in SOSL queries", but they both deal with solving specific cases rather than a general solution.
I would prefer not to roll my own solution.
Best Answer
From Dynamic SOSL - SOSL Injection:
Based on that, it should be sufficient to escape any single quote characters in the user-based input before merging it with your dynamic SOSL.
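As an added example (not code from the original answer or from Salesforce), here is one way to do the escaping from .NET before a search term is merged into a SOSL string sent through the API. It goes beyond the single-quote case and backslash-escapes each character that the SOSL FIND documentation lists as reserved. The class and method names, the `Account` query shape and the sample inputs are assumptions made for illustration.

```csharp
using System;
using System.Text;

// Added example: these helper names are hypothetical, not a Salesforce or .NET API.
public static class SoslEscaper
{
    // Characters SOSL treats as reserved inside FIND {...};
    // each must be preceded by a backslash to be read literally.
    private const string Reserved = "?&|!{}[]()^~*:\\\"'+-";

    public static string EscapeSearchTerm(string input)
    {
        if (input == null) throw new ArgumentNullException(nameof(input));
        var sb = new StringBuilder(input.Length * 2);
        foreach (char c in input)
        {
            // Single pass, so a backslash inserted here is never escaped twice.
            if (Reserved.IndexOf(c) >= 0) sb.Append('\\');
            sb.Append(c);
        }
        return sb.ToString();
    }

    public static string BuildFind(string userInput)
    {
        string term = EscapeSearchTerm(userInput).Trim();
        if (term.Length == 0)
            throw new ArgumentException("Search term is empty.", nameof(userInput));
        // Only the search term is dynamic; objects and fields stay fixed in code.
        return "FIND {" + term + "} IN NAME FIELDS RETURNING Account(Id, Name)";
    }

    public static void Main()
    {
        // Constructed inputs: a name with a quote, and one containing braces.
        string[] samples = { "O'Brien", "Acme} OR {Corp" };
        foreach (string s in samples)
            Console.WriteLine(BuildFind(s));
        // FIND {O\'Brien} IN NAME FIELDS RETURNING Account(Id, Name)
        // FIND {Acme\} OR \{Corp} IN NAME FIELDS RETURNING Account(Id, Name)
    }
}
```

Escaping covers only the search term; object names, field lists and clauses should come from fixed strings or an allow-list rather than from user input.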