[hibernate-issues] [Hibernate-JIRA] Commented: (HV-490) Create @WebSafe annotation

[George Gastaldi (JIRA)]

    [ http://opensource.atlassian.com/projects/hibernate/browse/HV-490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=42566#action_42566 ] 

George Gastaldi commented on HV-490:
------------------------------------

Git pull request created: https://github.com/hibernate/hibernate-validator/pull/61

> Create @WebSafe annotation
> --------------------------
>
>                 Key: HV-490
>                 URL: http://opensource.atlassian.com/projects/hibernate/browse/HV-490
>             Project: Hibernate Validator
>          Issue Type: Improvement
>            Reporter: George Gastaldi
>
> According to Shane Brizak statement on seam-dev list:
> {quote}
> Hi Gunnar,
> I had an idea today for a new validation constraint called @WebSafe - in 
> summary what it would do is validate a rich text value provided by the 
> user to ensure that it contains no malicious code, such as embedded 
> <script> elements.  The implementation for this would use JTidy to 
> convert the value to a DOM tree, after which it would walk the nodes of 
> the tree and locate any <script> tags, and if any are present the 
> validation would fail.
> Anyway, the implementation isn't so important - what I was wondering 
> though is whether you think something like this would be useful to have 
> in the Seam Validation module.  I tend to think that it would be (and we 
> can probably come up with quite a few other useful validation 
> constraints also) but I would like to know what you think about this.
> Shane
> {quote}

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://opensource.atlassian.com/projects/hibernate/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira