[OWASP-ESAPI] JavaScript ESAPI HTML encoding and some framework
Ed Schaller
schallee at darkmist.net
Fri Nov 6 18:47:00 EST 2009
I am not very familiar with JavaScript and certainly not OOP in
JavaScript. That being said, attached is a JavaScript implementation of
HTMLEntitiyCodec and some framework. There is a test.html file to try
it in your browser and a test.rhino to try it with rhino.
If you include all the right pieces, you can actually do:
ESAPI.encoder().encodeForHTML(...);
This also includes my checks (and notes) on validating unicode characters
that might be worth adding to the normal ESAPI at some point.
Anyhows, I would be very interested in thoughts, ideas, criticizm, help, etc
Thanks
>>>------>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: esapi.js.zip
Type: application/zip
Size: 8450 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-esapi/attachments/20091106/2ab47682/attachment.zip
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
Url : https://lists.owasp.org/pipermail/owasp-esapi/attachments/20091106/2ab47682/attachment.bin
More information about the OWASP-ESAPI
mailing list