Hello Howard,
Thanks for the information.
Thanks,
Eric
On Tue, Aug 19, 2008 at 1:18 PM, Howard Lewis Ship <[EMAIL PROTECTED]> wrote:
> Tapestry mostly captures this on the output side; that is, when you
> output a string (using, say ${property} expansion), the output is
> filtered; the key HTML entities, "<", "&" and ">", are converted to
> proper entities: "<", etc.
>
> On Tue, Aug 19, 2008 at 11:11 AM, Eric Rogers <[EMAIL PROTECTED]>
> wrote:
> > Hello All,
> >
> > I am using Tapestry 5.0.14 and am looking to filter input in my Tapestry
> > application for characters related to cross-site scripting. Some input
> is
> > from regular form submission, while other input is received using AJAX
> event
> > listeners and JSON. I realize that one can use a custom translator to
> scrub
> > any unwanted characters from input for a given field. However, I was
> > wondering if anyone has come across a more general pattern or strategy to
> do
> > this for both form and JSON input without having to explicitly define a
> > translator for form fields, and manually call some method to do the same
> for
> > a JSONObject.
> >
> > Thanks,
> >
> > Eric
> >
>
>
>
> --
> Howard M. Lewis Ship
>
> Creator Apache Tapestry and Apache HiveMind
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
