From emmanuel at hibernate.org Fri Jun 10 04:32:57 2011
Content-Type: multipart/mixed; boundary="===============6320676589346540088=="
MIME-Version: 1.0
From: Emmanuel Bernard <emmanuel at hibernate.org>
To: seam-dev at lists.jboss.org
Subject: Re: [seam-dev] Extended validation constraints
Date: Fri, 10 Jun 2011 10:32:53 +0200
Message-ID: <4D06CD5C-F424-40FD-8910-4F397E8C9FF8@hibernate.org>
In-Reply-To: 4DF1CF7D.9020001@redhat.com

--===============6320676589346540088==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Why not in Hibernate Validator?

On 10 juin 2011, at 10:02, Shane Bryzak wrote:

> Hi Gunnar,
> =

> I had an idea today for a new validation constraint called @WebSafe - in =

> summary what it would do is validate a rich text value provided by the =

> user to ensure that it contains no malicious code, such as embedded =

> <script> elements.  The implementation for this would use JTidy to =

> convert the value to a DOM tree, after which it would walk the nodes of =

> the tree and locate any <script> tags, and if any are present the =

> validation would fail.
> =

> Anyway, the implementation isn't so important - what I was wondering =

> though is whether you think something like this would be useful to have =

> in the Seam Validation module.  I tend to think that it would be (and we =

> can probably come up with quite a few other useful validation =

> constraints also) but I would like to know what you think about this.
> =

> Shane
> _______________________________________________
> seam-dev mailing list
> seam-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/seam-dev


--===============6320676589346540088==--