Results 1 to 2 of 2

Thread: Cross-site Scripting/XSS Support

  1. Aug 31st, 2007, 03:06 PM #1
    rappa
    rappa is offline Junior Member
    Join Date
    Nov 2005
    Location
    Leesburg, VA
    Posts
    11

    Default Cross-site Scripting/XSS Support

    Is there a good solution for foiling Cross-site Scripting attacks with Spring MVC/Web flow? My understanding is that in order to defeat XSS attacks, it is necessary to HTML-escape all request parameter input, prior to displaying in the browser. Is there a good mechanism (e.g. interceptor) to HTML-escape input prior to binding to the command object? I would like to implement the minimal configuration which applies this solution to the entire web app. Thanks
    Reply With Quote Reply With Quote
  2. Jun 2nd, 2009, 05:18 AM #2
    buntyindia
    buntyindia is offline Member
    Join Date
    Sep 2007
    Posts
    58

    Default

    I found a solution for XSS Cross site scripting here in this article http://www.techcrony.info/?p=41
    --
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules