[Esapi-user] Encoding JsonP callback parameter
ittaiz at wix.com
Tue Sep 16 04:15:16 UTC 2014
Will march right over.
40 Hanamal street, Tel Aviv, Israel
On Mon, Sep 15, 2014 at 11:41 PM, Kevin W. Wall <kevin.w.wall at gmail.com> wrote:
> ESAPI does not support JSON encoding. I would suggest the OWASP JSON
> Sanitizer project,
> Sent from my Droid; please excuse typos.
> On Sep 15, 2014 4:37 PM, "Ittai Zeidman" <ittaiz at wix.com> wrote:
>> I have an API which I need to develop which will use JsonP and the client
>> will be sending me a “callback” parameter for the js function I’m
>> outputting to.
>> I’m trying to evaluate how to sanitize the input since I’ll be using it
>> directly in the output but I can’t find anything in the library.
>> I found all kinds of regex patterns to use but I’m looking for a more
>> robust approach.
>> Does the Esapi Encoder handle this?
>> Ittai Zeidman
>> Cell: 054-6735021
>> 40 Hanamal street, Tel Aviv, Israel
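Added example, not code from this thread, from ESAPI or from the OWASP JSON Sanitizer: one way to handle the "callback" parameter asked about above is to validate it against a strict allowlist and reject anything else, rather than trying to encode it. The class name, the dotted-identifier policy, the 64-character cap and the reserved-word subset are assumptions; the JSON payload itself is assumed to be serialized safely already.

```java
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import java.util.regex.Pattern;

public class JsonpCallback {
    // Assumed policy: dot-separated ASCII identifiers, e.g. "app.handlers.onData".
    private static final Pattern NAME =
        Pattern.compile("[A-Za-z_$][A-Za-z0-9_$]*(\\.[A-Za-z_$][A-Za-z0-9_$]*)*");
    private static final int MAX_LENGTH = 64; // assumed cap
    // Subset of JavaScript reserved words (assumption); extend to the full list as needed.
    private static final Set<String> RESERVED = new HashSet<>(Arrays.asList(
        "function", "return", "var", "new", "delete", "typeof", "void", "this",
        "if", "else", "for", "while", "do", "in", "with", "throw", "try", "catch"));

    /** Returns true only if the value can be echoed verbatim as a function name. */
    public static boolean isValid(String callback) {
        if (callback == null || callback.isEmpty() || callback.length() > MAX_LENGTH) {
            return false;
        }
        if (!NAME.matcher(callback).matches()) {
            return false; // parentheses, quotes, whitespace, "<", ";" etc. never match
        }
        for (String part : callback.split("\\.")) {
            if (RESERVED.contains(part)) {
                return false;
            }
        }
        return true;
    }

    /** Wraps already-serialized JSON; a bad name is rejected, never "cleaned". */
    public static String wrap(String callback, String json) {
        if (!isValid(callback)) {
            throw new IllegalArgumentException("invalid JSONP callback name");
        }
        return callback + "(" + json + ");";
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not taken from the thread.
        String[] samples = {"handleData", "app.cb_1", "a..b", "cb name", "cb;x", "return"};
        for (String s : samples) {
            System.out.println(s + " -> " + isValid(s));
        }
        System.out.println(wrap("handleData", "{\"ok\":true}"));
    }
}
```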