Wow, you fit my first paragraph perfectly. http://httpd.apache.org/info/css-security/index.html
-jon on 11/20/01 5:11 AM, "Steve Giovannetti" <[EMAIL PROTECTED]> wrote: > What exactly do you mean by "cross site scripting" and could you give > pointers to the examples your talking about in PHP, Perl and C? > > gio > > Jon Stevens wrote: > >> Sadly, it seems that the Java world really hasn't taken the cross site >> scripting issues seriously. Only a few projects within Jakarta have really >> made an effort to fix bugs and that was after they were pointed out by >> others. It also seems that most of the examples are for other languages >> (PHP, Perl, C) and not Java and that they have made simple methods available >> to resolve the issues. >> >> It would be really cool to start a project under Jakarta (ie: in commons) >> that addresses the issues of the cross site scripting bugs in a re-usable >> fashion so that more people will be aware of the issues surrounding this >> important discovery. >> >> Does anyone have code they want to contribute to get this started? How are >> you currently dealing with these issues? What is your favorite way to escape >> things? Do you filter/escape all content or only some content? Etc. >> >> Thanks, >> >> -jon -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
