struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Maurizio Cucchiara <maurizio.cucchi...@gmail.com>
Subject Re: HTML escaping in form input fields in Struts2
Date Thu, 25 Nov 2010 14:59:55 GMT
What about hdiv plugin? https://cwiki.apache.org/S2PLUGINS/hdiv-plugin.html

2010/11/25 webmeiker <info@webmeiker.com>

> Hi,
>
>
>
> I want to ask the community for the best recommended way to achieve HTML
> escaping in form input fields in Struts2…
>
>
>
> For output I know about escapeHtml attribute in s:property tag, but I don’t
> know if there is something like that ‘implemented’ for the input (some
> interceptor, validator type, …).
>
>
>
> Have somebody implemented a validator type (using regular expressions) that
> rejects problematic html characters to avoid XSS attacks??
>
>
> --
>



-- 
Maurizio Cucchiara

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message