Hi Shishir,
Thanks for the prompt response. I will appreciate if you can clarify
few things for me. Our usernames are created using Orkut's php rest
API so not sure why you would think that they are not escaped
correctly. Here is code snippet we are using to create our internal
usernames:
$orkut
Paresh,
Your app does not escape usernames correctly and this can allow javascript
injection.
Could you please fix that and submit the app for review again?
Thanks,
Shishir
On Thu, Jul 16, 2009 at 3:10 AM, Paresh Joshi wrote:
>
> Hi,
> I received an email from Orkut regarding my application is
2 matches
Mail list logo