from Public RSS-Feed of Jeffery yuan. Created with the PIXELMECHANICS 'GPlusRSS-Webtool' at http://gplusrss.com http://ift.tt/1mpTvA1
via LifeLong Community
Prevent cross site scripting with jsoup
Solution
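Use the jsoup HTML Whitelist (/apidocs/org/jsoup/safety/Whitelist.html) to clean untrusted HTML. Jsoup.clean keeps only the tags and attributes the whitelist permits and drops everything else.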
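import org.jsoup.Jsoup;
import org.jsoup.safety.Whitelist;

String unsafe =
  "<p><a href='http://example.com/' onclick='stealCookies()'>Link</a></p>";
// basic() permits simple text markup and links; onclick is not on the list
String safe = Jsoup.clean(unsafe, Whitelist.basic());
// now: <p><a href="http://example.com/" rel="nofollow">Link</a></p>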
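An added example (not from the original article or the jsoup project) that runs several constructed inputs through Whitelist.basic(), uses Jsoup.isValid to detect input that would be altered, and builds a narrower custom whitelist. It uses the Whitelist class as the snippet above does; recent jsoup releases name this class Safelist. The class name CleanUntrustedHtml, the commentPolicy helper and the sample strings are assumptions made for illustration.

```java
import org.jsoup.Jsoup;
import org.jsoup.safety.Whitelist;

public class CleanUntrustedHtml {  // hypothetical class name

    // Constructed sample inputs, one per common injection vector.
    static final String[] SAMPLES = {
        "<p><a href='http://example.com/' onclick='stealCookies()'>Link</a></p>",
        "<a href='javascript:stealCookies()'>Link</a>",
        "<b>Hi</b><script>stealCookies()</script>",
        "<img src='x.png' onerror='stealCookies()'>",
        "<p>Plain <i>formatted</i> text</p>"
    };

    // Hypothetical comment-field policy: inline formatting and http(s) links only.
    static Whitelist commentPolicy() {
        return Whitelist.none()
            .addTags("b", "i", "em", "strong", "a")
            .addAttributes("a", "href")
            .addProtocols("a", "href", "http", "https")
            .addEnforcedAttribute("a", "rel", "nofollow");
    }

    public static void main(String[] args) {
        for (String unsafe : SAMPLES) {
            // isValid reports whether the input already conforms to the
            // whitelist, so a caller can reject or log a submission
            // instead of silently rewriting it.
            boolean valid = Jsoup.isValid(unsafe, Whitelist.basic());
            String basic = Jsoup.clean(unsafe, Whitelist.basic());
            String strict = Jsoup.clean(unsafe, commentPolicy());
            System.out.println("input : " + unsafe);
            System.out.println("valid : " + valid);
            System.out.println("basic : " + basic);
            System.out.println("strict: " + strict);
            System.out.println();
        }
        // clean() returns markup intended for placement in an HTML body.
        // It is not an escaper for attribute values, script blocks or URLs;
        // those contexts need their own output encoding.
    }
}
```

Comparing the "basic" and "strict" lines for each input shows how much markup each policy lets through, which is the decision to make per field when choosing a whitelist.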
Read full article from: http://ift.tt/1r8YBDP