Thanks.
Regards, SaeedAhmed Subedar, BSLI 91-022-39961356 -----Original Message----- From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] Sent: Wednesday, December 14, 2011 2:06 PM To: Tomcat Developers List Subject: Re: Cross site scripting safe 2011/12/14 Saeedahmed Subedar <saeedahmed.sube...@birlasunlife.com>: > Not sure if this is the right mailing list to ask this, but.. Wrong. This question should be on the users@ list. > > Is the latest Tomcat 7 cross-site scripting safe? Or nevertheless, is some > amount of css filtering code required at the application level? Tomcat 7 standard applications (except examples) and standard error pages should be safe. Examples are likely to be safe as well, but not much attention is payed to them, as they should not be present on productive sites. Your applications are your own responsibility. If you need more detailed answer, ask on users@. See also "Security Considerations" page in the manual. > css filtering It is usually called "xss", not css. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org The information contained in this electronic communication is intended solely for the individual(s) or entity to which it is addressed. It may contain proprietary, confidential and/or legally privileged information. Any review, retransmission, dissemination, printing, copying or other use of, or taking any action in reliance on the contents of this information by person(s) or entities other than the intended recipient is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us by responding to this email or telephone and immediately and permanently delete all copies of this message and any attachments from your system(s). The contents of this message do not necessarily represent the views or policies of Aditya Birla Group. Computer viruses can be transmitted via email. Aditya Birla Group Companies attempts to sweep e-mails and attachments for viruses, it does not guarantee that either are virus free. The recipient should check this email and any attachments for the presence of viruses. Aditya Birla Group does not accept any liability for any damage sustained as a result of viruses. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
