Hello Akash,
may be this can help:
http://stackoverflow.com/questions/10487648/prevent-xss-in-spring-mvc
http://stackoverflow.com/questions/12538227/how-to-prevent-xss-attacks-with-springmvc-jackson-application
http://jeevanpatil.wordpress.com/2011/07/22/prevention_of_xss/
There is a lot n
Hello Akash,
2014-05-05 22:16 GMT+02:00 Akash Jain akash.delh...@gmail.com:
Hello Benedikt,
Basically I am using it as XSS prevention mechanism. So I want to use is it
safe enough ?
As I've said: escapeXml just escapes the basic XML entities. It depends on
what you're doing with the
ESAPI has given us some problems with other systems we interact with.
I am using Java 7 with Spring 3.2 MVC in Tomcat 7.
On Tue, May 6, 2014 at 4:29 AM, Benedikt Ritter brit...@apache.org wrote:
Hello Akash,
2014-05-05 22:16 GMT+02:00 Akash Jain akash.delh...@gmail.com:
Hello Benedikt,
if you didnt catch XSS Vector at Javascript as it was coming in from Browser
then you can write your own from:
http://commons.apache.org/proper/commons-lang/javadocs/api-2.6/src-html/org/apache/commons/lang/StringEscapeUtils.html
private static void escapeJavaStyleString(Writer out, String str,
Martin,
Can you tell me how safe is escapeXml function is ? Thats what I originally
wanted to know.
Thanks.
On Mon, May 5, 2014 at 5:17 AM, Martin Gainty mgai...@hotmail.com wrote:
if you didnt catch XSS Vector at Javascript as it was coming in from
Browser then you can write your own from:
Hello Benedikt,
Basically I am using it as XSS prevention mechanism. So I want to use is it
safe enough ?
I am not very inclined to use ESAPI as XSS protection mechanism, hence I am
using escapeXml
On Mon, May 5, 2014 at 10:54 AM, Benedikt Ritter brit...@apache.org wrote:
Hello Akash,