Stripes Framework XSS Interceptor
Posted onI have created a new project named Stripes XSS Interceptor.
This project escapes all the parameters that Stripes Framework binds during its Validation & Binding phase using a wrapped request object (a convenient implementation of the HttpServletRequest
interface).
The code follows the XSS (Cross Site Scripting) security guidance posted at OWASP (Open Web Application Security Project).
Please feel free to report any bug you find in the project’s Issue Tracker.
Comments
comments powered by Disqus