Comments on: Simple Cross Site Scripting (XSS) Servlet Filter http://greatwebguy.com/programming/java/simple-cross-site-scripting-xss-servlet-filter/ Self-proclaimed greatness is a hard thing to prove. Fri, 10 Feb 2012 02:11:49 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Normannhttp://greatwebguy.com/programming/java/simple-cross-site-scripting-xss-servlet-filter/#comment-1744 Normann Wed, 16 Nov 2011 07:39:25 +0000 http://greatwebguy.com/uncategorized/simple-cross-site-scripting-xss-servlet-filter/#comment-1744 George - your comment was a lifesaver - been using most of my day on not understanding why the netui binding didnt use the altered values from getParameter. Thanks a ton! George – your comment was a lifesaver – been using most of my day on not understanding why the netui binding didnt use the altered values from getParameter. Thanks a ton!

]]> By: RE: cross site scripting issue..... - Forums - Liferay.comhttp://greatwebguy.com/programming/java/simple-cross-site-scripting-xss-servlet-filter/#comment-1659 RE: cross site scripting issue..... - Forums - Liferay.com Tue, 16 Aug 2011 07:25:20 +0000 http://greatwebguy.com/uncategorized/simple-cross-site-scripting-xss-servlet-filter/#comment-1659 [...] links will helps you a lot.1) Cross Site Scripting - Liferay Forum2) Create Cross Site Scripting Filter.3) Liferay Jira IssueLet me know if you want anything [...] [...] links will helps you a lot.1) Cross Site Scripting – Liferay Forum2) Create Cross Site Scripting Filter.3) Liferay Jira IssueLet me know if you want anything [...]

]]> By: Madanhttp://greatwebguy.com/programming/java/simple-cross-site-scripting-xss-servlet-filter/#comment-1649 Madan Thu, 28 Jul 2011 04:36:43 +0000 http://greatwebguy.com/uncategorized/simple-cross-site-scripting-xss-servlet-filter/#comment-1649 how to do the same thing with ResponseWrapper how to do the same thing with ResponseWrapper

]]> By: Prasanthhttp://greatwebguy.com/programming/java/simple-cross-site-scripting-xss-servlet-filter/#comment-850 Prasanth Mon, 11 Apr 2011 12:47:56 +0000 http://greatwebguy.com/uncategorized/simple-cross-site-scripting-xss-servlet-filter/#comment-850 Thanks webguy for the response. Can you please tell me the step wise approach to implement this in my J2EE application? Thanks webguy for the response. Can you please tell me the step wise approach to implement this in my J2EE application?

]]> By: the3ngineerhttp://greatwebguy.com/programming/java/simple-cross-site-scripting-xss-servlet-filter/#comment-812 the3ngineer Wed, 06 Apr 2011 14:10:33 +0000 http://greatwebguy.com/uncategorized/simple-cross-site-scripting-xss-servlet-filter/#comment-812 The Wrapper handles only the value of a request parameter. The problem is that some server side code may 'reflect' a set of parameters via some Redirect action. During the 'reflect' action, one may find the offending code as a request parameter name, not value. This means the code can be improved even further by proper escaping the parameter name as well. The Wrapper handles only the value of a request parameter. The problem is that some server side code may ‘reflect’ a set of parameters via some Redirect action. During the ‘reflect’ action, one may find the offending code as a request parameter name, not value.

This means the code can be improved even further by proper escaping the parameter name as well.

]]>