Correct me if I am wrong, but Apache Shiro does *not* secure your web application against XSS. Instead Apache Shiro itself is invulnerable to XSS - meaning e. g. Javascript attacks targeting Shiro will not succeed.
-- View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-support-for-XSS-tp7580425p7580426.html Sent from the Shiro User mailing list archive at Nabble.com.
