> -----Original Message----- > From: Matt Bathje [mailto:[EMAIL PROTECTED]
> Just hope they don't break you programming policies and extend > ValidatorForm (or just use DynaValidatorForm!) instead of extending > SafeValidatorForm :) Well, its easier that wondering if all the validations are implemented for each form. > > (Truthfully ;-), to get down to one page, we replaced <!-- > with <%-- and also took out javascript validation that Struts > does provide :-( -- these scanners think any javascript is a > potential problem ). > > That seems very strict...no javascript at all? I can see it > considering some javascript bad, but that is ridiculous imho. I feel for ya... Firstly, the scanner is just that - software, and is not too discerning. Secondly :- ProdDevGroup: We no longer get a popup saying xxxxxx is needed. Now we see red words. Us: We can't help you cuz u know dsadah sdfa dfasd fasdfas df asdf sdfgdsfgs PDG: We also no longer get popups for ..... Us: same there. PDG: and <there> too... Us: What is the one and only one thing among these you can't live without (and the external user, cannot live without)? PDG: <one case> Us: please email us that. [[we turn on javascript for just that]] Repeat at each meeting. Its all about checking off things as done and achieved (and the one-page security scanner report is one among them, though its no longer repeatable ;-) for each webapp ). Gotta get back to unowhat. -------------------------------------------------------- The information contained in this message is intended only for the recipient, and may be a confidential attorney-client communication or may otherwise be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, please be aware that any dissemination or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify us by replying to the message and deleting it from your computer. Thank you, Standard & Poor's -------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
