[seam-dev] Extended validation constraints
Shane Bryzak
sbryzak at redhat.com
Fri Jun 10 04:02:05 EDT 2011
Hi Gunnar,
I had an idea today for a new validation constraint called @WebSafe - in
summary what it would do is validate a rich text value provided by the
user to ensure that it contains no malicious code, such as embedded
<script> elements. The implementation for this would use JTidy to
convert the value to a DOM tree, after which it would walk the nodes of
the tree and locate any <script> tags, and if any are present the
validation would fail.
Anyway, the implementation isn't so important - what I was wondering
though is whether you think something like this would be useful to have
in the Seam Validation module. I tend to think that it would be (and we
can probably come up with quite a few other useful validation
constraints also) but I would like to know what you think about this.
Shane
More information about the seam-dev
mailing list