On Thu, Dec 15, 2011 at 2:17 PM, Saeedahmed Subedar <saeedahmed.sube...@birlasunlife.com> wrote: > Inspite of the http server being cross-site scripting(xss) safe for most > cases, need confirmation if xss filtering/prevention measures still need to > be implemented on the application end..
Yes. Your 99% of the time your application reads input and creates output, so it needs to be where you're concerned with XSS. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
