[Esapi-user] Encoding JsonP callback parameter

Ittai Zeidman ittaiz at wix.com
Mon Sep 15 20:35:08 UTC 2014


Hi,
I have an API which I need to develop which will use JsonP and the client will be sending me a “callback” parameter for the js function I’m outputting to.
I’m trying to evaluate how to sanitize the input since I’ll be using it directly in the output but I can’t find anything in the library.
I found all kinds of regex patterns to use but I’m looking for a more robust approach.
Does the Esapi Encoder handle this?

Ittai Zeidman
 
Cell: 054-6735021
40 Hanamal street, Tel Aviv, Israel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20140915/3dd8fea8/attachment.html>


More information about the Esapi-user mailing list