On 05/03/2018 21:01, Alexander Farber wrote:
Good evening,
what would be a method in Jetty to escape HTML characters in a String?
OWASP has an easy-to-use Encoder class:
https://www.owasp.org/index.php/OWASP_Java_Encoder_Project
The OWASP XSS prevention cheat sheet is also worth a read:
https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
--
John English
_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users