Sorry about that. By "I do not want HTML to be entered" I meant "character strings which are rendered by a browser additional to, or instead of, being displayed as that character string. Examples are:
<!-- </body> <onclick='[Some nasty JavaScript]'; Basically, I want to remove nasty code being injected into future rendered HTML by user input. -- View this message in context: http://apache-wicket.1842946.n4.nabble.com/Preventing-user-input-script-injection-attacks-tp3059119p3059321.html Sent from the Users forum mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
