[hibernate-issues] [Hibernate-JIRA] Commented: (HV-490) Create @WebSafe annotation
George Gastaldi (JIRA)
noreply at atlassian.com
Fri Jun 10 12:54:24 EDT 2011
[ http://opensource.atlassian.com/projects/hibernate/browse/HV-490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=42566#action_42566 ]
George Gastaldi commented on HV-490:
------------------------------------
Git pull request created: https://github.com/hibernate/hibernate-validator/pull/61
> Create @WebSafe annotation
> --------------------------
>
> Key: HV-490
> URL: http://opensource.atlassian.com/projects/hibernate/browse/HV-490
> Project: Hibernate Validator
> Issue Type: Improvement
> Reporter: George Gastaldi
>
> According to Shane Brizak statement on seam-dev list:
> {quote}
> Hi Gunnar,
> I had an idea today for a new validation constraint called @WebSafe - in
> summary what it would do is validate a rich text value provided by the
> user to ensure that it contains no malicious code, such as embedded
> <script> elements. The implementation for this would use JTidy to
> convert the value to a DOM tree, after which it would walk the nodes of
> the tree and locate any <script> tags, and if any are present the
> validation would fail.
> Anyway, the implementation isn't so important - what I was wondering
> though is whether you think something like this would be useful to have
> in the Seam Validation module. I tend to think that it would be (and we
> can probably come up with quite a few other useful validation
> constraints also) but I would like to know what you think about this.
> Shane
> {quote}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://opensource.atlassian.com/projects/hibernate/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the hibernate-issues
mailing list