Hello Howard, Thanks for the information.
Thanks, Eric On Tue, Aug 19, 2008 at 1:18 PM, Howard Lewis Ship <[EMAIL PROTECTED]> wrote: > Tapestry mostly captures this on the output side; that is, when you > output a string (using, say ${property} expansion), the output is > filtered; the key HTML entities, "<", "&" and ">", are converted to > proper entities: "<", etc. > > On Tue, Aug 19, 2008 at 11:11 AM, Eric Rogers <[EMAIL PROTECTED]> > wrote: > > Hello All, > > > > I am using Tapestry 5.0.14 and am looking to filter input in my Tapestry > > application for characters related to cross-site scripting. Some input > is > > from regular form submission, while other input is received using AJAX > event > > listeners and JSON. I realize that one can use a custom translator to > scrub > > any unwanted characters from input for a given field. However, I was > > wondering if anyone has come across a more general pattern or strategy to > do > > this for both form and JSON input without having to explicitly define a > > translator for form fields, and manually call some method to do the same > for > > a JSONObject. > > > > Thanks, > > > > Eric > > > > > > -- > Howard M. Lewis Ship > > Creator Apache Tapestry and Apache HiveMind > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >