Vulnerability Development mailing list archives
Re: Preventing XSS in PHP...
From: alrferreira () carol com br
Date: Fri, 3 May 2002 13:37:31 -0300
Yep...some even say "too much" and argue that it isn't a "real security hole", but if you've had your admin cookie stolen on a forum then you would say otherwise. yep PHP can handle input sanitizing very well...hopefully all new webApp langs will have sanitizing functionality built into their frameworks...(MS actually does in asp.net) I suggest you check out the webAppSec list, the OWASP project, and cgisecurity.com for more info. http://online.securityfocus.com/archive/107 http://www.owasp.org http://www.cgisecurity.com Take care,
That is really interesting... Somebody would have more information on as to implement this in ASP? Without having that to filter all manually tags? Thanks... André Luiz Rodrigues Ferreira
Current thread:
- Re: Preventing XSS in PHP... Slow2Show (May 02)
- Re: Preventing XSS in PHP... William N. Zanatta (May 03)
- <Possible follow-ups>
- Re: Preventing XSS in PHP... alrferreira (May 03)
- Re: Preventing XSS in PHP... Slow2Show (May 03)