I'm creating my own application using Java services. What is the best way to filter out user input to avoid XSS and buffer-overruns (do you even need to worry about buffer-overruns in Java?), etc.? For example, if the user inputs the string:
alert('XSS vulnerability test');
in a form, what is the best way to prevent this script from being executed (once the form data is passed to a service, of course)? Is there some super-cool Java utility to validate HTML user input?
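
One way to handle the case asked about above, as an added example that is not part of the original post: validate the field against an allow-list when the service receives it, and HTML-encode the value whenever it is written back into a page. The class name, the "display name" field and its pattern are assumptions made for illustration, and the input in `main` is a constructed sample.

```java
import java.util.regex.Pattern;

public class FormInputExample {
    // Assumed policy for a hypothetical "display name" field: letters, digits,
    // spaces and a few punctuation marks, 1 to 64 characters.
    private static final Pattern DISPLAY_NAME =
            Pattern.compile("[\\p{L}\\p{N} .,'-]{1,64}");

    /** Allow-list validation at the service boundary; rejects rather than repairs. */
    static boolean isValidDisplayName(String input) {
        return input != null && DISPLAY_NAME.matcher(input).matches();
    }

    /** Encodes text for an HTML element body or a quoted attribute value. */
    static String escapeHtml(String input) {
        StringBuilder out = new StringBuilder(input.length() + 16);
        for (int i = 0; i < input.length(); i++) {
            char c = input.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#x27;"); break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Constructed sample input, modelled on the string in the question.
        String submitted = "<script>alert('XSS vulnerability test');</script>";

        // Validation fails because '<', '>', '(' and ';' are outside the allow-list.
        System.out.println("valid display name: " + isValidDisplayName(submitted));

        // Even if the value is stored, encoding at output time makes the browser
        // render it as text instead of parsing it as markup.
        System.out.println("<p>" + escapeHtml(submitted) + "</p>");
    }
}
```

This encoding covers HTML element bodies and quoted attribute values only; values placed inside JavaScript, URLs or CSS need the encoding for that context.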
