Hi What are the recommendations to deal with cross-site scripting in struts? I'm got an app that a use can access at a URL , let's call it http://localhost/myapplication , now doing something like http://localhost/myapplication/applicationInit.do?mode=<script>alert(document.cookie)</script> reveals a pop-up box containing the currently set cookies. How can I block that from happening?Is there a way of encoding a form bean?Please help as this is critical to the app. jeff mutonho
--------------------------------- Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs