Servlet-Web-Hosting

Reading Three Parameters:

Result

Servlets

www.corewebprogramming.com

Filtering Strings for

HTML Specific Characters

You cannot safely insert arbitrary strings

into servlet output

< and > can cause problems anywhere

& and " cause problems inside of HTML attributes

You sometimes cannot manually translate

String is derived from a program excerpt or another

source where it is already in standard format

String is derived from HTML form data

Failing to filter special characters makes

you vulnerable to cross site scripting attack

http://www.cert.org/advisories/CA 2000 02.html

http://www.microsoft.com/technet/security/crssite.asp

See filter method of ServletUtilities at

http://www.corewebprogramming.com

Servlets

www.corewebprogramming.com





  
    
      

    
    Home
    
    About
    
    Services
    
    Network
    
    Support
    
    FAQ
    
    Order
    
    Contact
    
    
     


    
    
        Servlet Web Hosting

    
    
    
      Our partners:Jsp 
      Web Hosting
      Unlimited Web Hosting 
      Cheapest Web Hosting  Java 
      Web Hosting
      Web Templates
      Best Web Templates PHP Mysql Web Hosting
      
      Interland Web Hosting
      Cheap Web Hosting 
      PHP Web Hosting
      Tomcat Web Hosting
      Quality Web Hosting
      Best Web Hosting  Mac 
      Web Hosting  
      

      Lunarwebhost.net  Business web hosting 
      division of Vision Web Hosting Inc. All rights reserved


Home	About	Services	Network	Support	FAQ	Order	Contact

Servlet Web Hosting
Our partners:Jsp Web Hosting Unlimited Web Hosting Cheapest Web Hosting Java Web Hosting Web Templates Best Web Templates PHP Mysql Web Hosting Interland Web Hosting Cheap Web Hosting PHP Web Hosting Tomcat Web Hosting Quality Web Hosting Best Web Hosting Mac Web Hosting Lunarwebhost.net Business web hosting division of Vision Web Hosting Inc. All rights reserved