I hope I won't expose myself as a re-treaded CGI programmer here
but - shouldn't input parameters you get through request.getParmater()
be sanitized to remove non-text characters before you put them
back out through JSP pages or other servlets, etc? If they should,
are there standard libraries for this as there are in Perl and
C++? I never see any mention of this in servlet books or examples.
Am I missing something obvious?
sandy
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
