2011/12/14 Saeedahmed Subedar <saeedahmed.sube...@birlasunlife.com>: > Not sure if this is the right mailing list to ask this, but..
Wrong. This question should be on the users@ list. > > Is the latest Tomcat 7 cross-site scripting safe? Or nevertheless, is some > amount of css filtering code required at the application level? Tomcat 7 standard applications (except examples) and standard error pages should be safe. Examples are likely to be safe as well, but not much attention is payed to them, as they should not be present on productive sites. Your applications are your own responsibility. If you need more detailed answer, ask on users@. See also "Security Considerations" page in the manual. > css filtering It is usually called "xss", not css. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
