[Esapi-user] ESAPI with JSTL, EL and Spring tag library for output validation

Alex azlist1 at gmail.com
Sat Jun 11 14:08:37 EDT 2011


Hi,
I am new to the list, sorry if my question is foolish or posted in the wrong
place.

I was wondering if there was a simple and standard way to cleanup/validate
output generated in JSP pages that use the JSTL alongside with EL  variables
(ex : ${foo} ?
Same question for Spring tag libraries such as Spring form tags (
http://static.springsource.org/spring/docs/3.0.x/reference/spring-form.tld.html).
.

The idea would be to use the ESAPI reference implementation to do this
mostly to guard against XSS attacks and alike but I'm not sure where to
start...

Thank you for your help.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20110611/dd94e471/attachment.html 


More information about the Esapi-user mailing list