-Original Message-
>>From: Craig McClanahan [mailto:[EMAIL PROTECTED]
>>Sent: Wednesday, May 05, 2004 9:47 AM
>>To: Struts Users Mailing List
>>Subject: Re: Dealing with XSS in struts
>>
>>
>>jeff mutonho wrote:
>>
>>
>>
&
> -Original Message-
> From: Craig McClanahan [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, May 05, 2004 11:01 AM
> To: Struts Users Mailing List
> Subject: Re: Dealing with XSS in struts
>
>
> Van Riper, Mike wrote:
>
> >>-Original Message
Van Riper, Mike wrote:
-Original Message-
From: Craig McClanahan [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 05, 2004 9:47 AM
To: Struts Users Mailing List
Subject: Re: Dealing with XSS in struts
jeff mutonho wrote:
Hi
What are the recommendations to deal with cross-site
> -Original Message-
> From: Craig McClanahan [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, May 05, 2004 9:47 AM
> To: Struts Users Mailing List
> Subject: Re: Dealing with XSS in struts
>
>
> jeff mutonho wrote:
>
> >Hi
> >What are the
jeff mutonho wrote:
Hi
What are the recommendations to deal with cross-site scripting in struts?
I'm got an app that a use can access at a URL , let's call it http://localhost/myapplication , now doing something like
http://localhost/myapplication/applicationInit.do?mode=alert(document.cookie)
per
Silicon Valley Struts User Group
http://www.baychi.org/bof/struts/
> -Original Message-
> From: jeff mutonho [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, May 05, 2004 4:52 AM
> To: [EMAIL PROTECTED]
> Subject: Dealing with XSS in struts
>
>
> Hi
> What are th
Hi
What are the recommendations to deal with cross-site scripting in struts?
I'm got an app that a use can access at a URL , let's call it
http://localhost/myapplication , now doing something like
http://localhost/myapplication/applicationInit.do?mode=alert(document.cookie)
reveals a pop-up
7 matches
Mail list logo