Hey all,
You may have seen my earlier message about a current client
whose site I've taken over maintenance on that is trying to
get PCI Compliance from Security Metrics. I've put all the
forms behind https and a couple of other things, but this one
I don't know how to solve. I'll read up on
--- Shaun <[EMAIL PROTECTED]> wrote:
> Is there a way to filter metacharacters from all $_POST values sent from
> pages on my site in an effort to eliminate the majority of XSS attacks?
Yes, but it's probably more important that you understand what XSS is and
what methods people use to protect aga
Shaun wrote:
Is there a way to filter metacharacters from all $_POST values sent from
pages on my site in an effort to eliminate the majority of XSS attacks?
There's no magic function that's going to protect you from Cross Site
Scripting or SQL Injection. Do you honestly even know what they are o
Shaun wrote:
Hi,
Is there a way to filter metacharacters from all $_POST values sent from
pages on my site in an effort to eliminate the majority of XSS attacks?
htmlentities()
preg_match_all()
--
Burhan Khalid
phplist[at]meidomus[dot]com
http://www.meidomus.com
---
"Documentat
Hi,
Is there a way to filter metacharacters from all $_POST values sent from
pages on my site in an effort to eliminate the majority of XSS attacks?
Thanks for your help
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
any one know more about these than this article talks about?
http://news.cnet.com/news/0-1007-202-2870712.html
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mai
6 matches
Mail list logo