[Esapi-user] Encoding JsonP callback parameter
Kevin W. Wall
kevin.w.wall at gmail.com
Mon Sep 15 20:41:47 UTC 2014
ESAPI does not support JSON encoding. I would suggest the OWASP JSON
Sent from my Droid; please excuse typos.
On Sep 15, 2014 4:37 PM, "Ittai Zeidman" <ittaiz at wix.com> wrote:
> I have an API which I need to develop which will use JsonP and the client
> will be sending me a “callback” parameter for the js function I’m
> outputting to.
> I’m trying to evaluate how to sanitize the input since I’ll be using it
> directly in the output but I can’t find anything in the library.
> I found all kinds of regex patterns to use but I’m looking for a more
> robust approach.
> Does the Esapi Encoder handle this?
> Ittai Zeidman
> Cell: 054-6735021
> 40 Hanamal street, Tel Aviv, Israel
> Esapi-user mailing list
> Esapi-user at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Esapi-user