Hello,

This may be a bit OT, because I am currently using WO with OWASP. A while ago, there were a couple of you who mentioned using OWASP ESAPI for Java to validate input and do output filtering.

I wonder what would be a good filtering method in ESAPI for filtering any scripts (output filtering)? I have tried `ESAPI.encoder().encodeForHTML()`, but it still seems to let the browser execute some tags when the page is rendered. The brute force would be to do a string parser to parse any offending tags after encoding/decoding, but I am looking at some existing vetted solutions. Has anyone had a similar experience before?

Thanks very much for any hints,

mai

_______________________________________________
Webobjects-dev mailing list
