Sadly, it seems that the Java world really hasn't taken the cross site scripting issues seriously. Only a few projects within Jakarta have really made an effort to fix bugs and that was after they were pointed out by others. It also seems that most of the examples are for other languages (PHP, Perl, C) and not Java and that they have made simple methods available to resolve the issues.
It would be really cool to start a project under Jakarta (ie: in commons) that addresses the issues of the cross site scripting bugs in a re-usable fashion so that more people will be aware of the issues surrounding this important discovery. Does anyone have code they want to contribute to get this started? How are you currently dealing with these issues? What is your favorite way to escape things? Do you filter/escape all content or only some content? Etc. Thanks, -jon -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
