Re: Escape html

2004-12-19 Thread Craig McClanahan
On Sun, 19 Dec 2004 19:24:23 -0300, Edgar Poce <[EMAIL PROTECTED]> wrote:
> > Are there any other characters that should be filtered for security
> > reasons?
>
> I think there are not. I thought it was a html escape tool and I
> expected it replaced 'à' with "à" for example. But I see it's not

Re: Escape html

2004-12-19 Thread Edgar Poce
> Are there any other characters that should be filtered for security
> reasons?

I think there are not. I thought it was a html escape tool and I expected it replaced 'à' with "à" for example. But I see it's not the purpose. Has it any sense to add an "escape" attribute with values "html", "jav

Re: Escape html

2004-12-19 Thread Craig McClanahan
The purpose for filtering these four characters is to avoid cross site scripting attacks that would otherwise be possible if an application accepted an input text field that had something like a

Escape html

2004-12-19 Thread Edgar Poce
Hi

TagUtils.filter(String value) only filters 4 html sensitive characters while there are many more. Is there any special reason or it's a bug?

Regards
Edgar