Sorry for the cross-posting, but I guess that's also interesting to
I've been thinking about input validation too... only a bit more
generally, on a server/production basis. Nate, on your production
setup (galaxy main), do you use any kind of filter or framework a la
modsecurity to prevent security issues on third party tools ? How do
you mitigate those security risks ?
On 2011-06-23 00:27, Jennifer Jackson wrote:
> Hi Russell,
> Dan Blankenberg is our ChIP-seq expert and will be able to work with you
> when he returns from vacation.
> Thank you for your patience!
> Galaxy team
> On 6/20/11 2:22 PM, Russell Bonneville wrote:
>> Hello all,
>> I am Russell, a student working with Dr. Victor Jin at the Dept. of
>> Biomedical Informatics, OSU Medical Center. I am developing a Galaxy
>> wrapper for our ChIP-seq peak-calling program BELT (PMID: 21138948), and
>> I have a question about input validation. Does Galaxy filter for
>> malicious field entries (such as XSS attacks) or is this our wrapper’s
>> responsibility (the MACS wrapper appears to not perform any explicit
>> checks)? Thank you for your time.
>> Sincerely, Russell Bonneville
>> Please keep all replies on the list by using "reply all"
>> in your mail client. To manage your subscriptions to this
>> and other Galaxy lists, please use the interface at:
Please keep all replies on the list by using "reply all"
in your mail client. To manage your subscriptions to this
and other Galaxy lists, please use the interface at: