Re: Struts security/validation

2004-08-11 Thread Brett Connor
Craig McClanahan wrote: On Wed, 11 Aug 2004 10:32:04 -0700, Wiebe de Jong <[EMAIL PROTECTED]> wrote: I had a similar problem, which I discovered when one of my users tried to enter a street address containing an apostrophe. Since I use apostrophes to delineate my text strings in my SQL statement

Re: Struts security/validation

2004-08-11 Thread Kishore Senji
TED]> wrote: > > > > -Original Message- > > From: Wiebe de Jong [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, August 11, 2004 10:32 AM > > To: 'Struts Users Mailing List' > > Subject: RE: Struts security/validation > > > >

RE: Struts security/validation

2004-08-11 Thread Wiebe de Jong
well. As for the XML/SOAP calls, using the serializer to create the character entities would be good. Thanks Wiebe de Jong -Original Message- From: Craig McClanahan [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 11, 2004 10:50 AM To: Struts Users Mailing List Subject: Re: Struts

RE: Struts security/validation

2004-08-11 Thread Zhang, Larry \(L.\)
to data base you need to convert it to be "l like he''s idea". Hope this helps. -Original Message- From: Wiebe de Jong [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 11, 2004 1:32 PM To: 'Struts Users Mailing List' Subject: RE: Struts security/validation I h

Re: Struts security/validation

2004-08-11 Thread Craig McClanahan
On Wed, 11 Aug 2004 10:32:04 -0700, Wiebe de Jong <[EMAIL PROTECTED]> wrote: > I had a similar problem, which I discovered when one of my users tried to > enter a street address containing an apostrophe. Since I use apostrophes to > delineate my text strings in my SQL statements, this caused a data

RE: Struts security/validation

2004-08-11 Thread Jim Barrows
> -Original Message- > From: Wiebe de Jong [mailto:[EMAIL PROTECTED] > Sent: Wednesday, August 11, 2004 10:32 AM > To: 'Struts Users Mailing List' > Subject: RE: Struts security/validation > > > I had a similar problem, which I discovered when one

RE: Struts security/validation

2004-08-11 Thread Wiebe de Jong
Message- From: Craig McClanahan [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 11, 2004 10:21 AM To: Struts Users Mailing List Subject: Re: Struts security/validation On Wed, 11 Aug 2004 14:45:05 +0100, James Adams <[EMAIL PROTECTED]> wrote: > Hello all, > > I'm

RE: Struts security/validation

2004-08-11 Thread Jim Barrows
> -Original Message- > From: Craig McClanahan [mailto:[EMAIL PROTECTED] > Sent: Wednesday, August 11, 2004 10:21 AM > To: Struts Users Mailing List > Subject: Re: Struts security/validation > > > On Wed, 11 Aug 2004 14:45:05 +0100, James Adams > <[EMAI

Re: Struts security/validation

2004-08-11 Thread Craig McClanahan
On Wed, 11 Aug 2004 14:45:05 +0100, James Adams <[EMAIL PROTECTED]> wrote: > Hello all, > > I'm in the process of trying to secure my struts application against "Cross site > scripting", "SQL injection" style attacks. > > One of the things I'm doing to prevent this is trying to restrict special

RE: Struts security/validation

2004-08-11 Thread Jim Barrows
> -Original Message- > From: James Adams [mailto:[EMAIL PROTECTED] > Sent: Wednesday, August 11, 2004 6:45 AM > To: Struts Users Mailing List > Subject: Struts security/validation > > > Hello all, > > I'm in the process of trying to secure my struts application > against "Cross site s

Re: Struts security/validation

2004-08-11 Thread Kishore Senji
On Wed, 11 Aug 2004 14:45:05 +0100, James Adams <[EMAIL PROTECTED]> wrote: > Hello all, > > I'm in the process of trying to secure my struts application against "Cross site > scripting", "SQL injection" style attacks. > > One of the things I'm doing to prevent this is trying to restrict special