[Esapi-user] Esapi-user Digest, Vol 27, Issue 3

Rama Krishna Pathangi rpathangi at hotmail.com
Mon Jan 30 19:21:04 UTC 2012

Hi, I want to use encodeForXML method mentioned here http://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/org/owasp/esapi/Encoder.html#encodeForXML(java.lang.String). I found the details confusing -"The use of a real XML parser is strongly encouraged. However, in the hopefully rare case that you need to make sure that data is safe for inclusion in an XML document and cannot use a parse, this method provides a safe mechanism to do so." Could you explain what is being referred to here? Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20120130/845e0d99/attachment.html>

More information about the Esapi-user mailing list