Thanks. Regards, SaeedAhmed Subedar, BSLI -----Original Message----- From: Eric Covener [mailto:covener@xxxxxxxxx] Sent: Thursday, December 15, 2011 12:17 PM To: users@xxxxxxxxxxxxxxxx Subject: Re: Cross-site scripting implementation On Thu, Dec 15, 2011 at 2:17 PM, Saeedahmed Subedar <Saeedahmed.Subedar@xxxxxxxxxxxxxxxx> wrote: > Inspite of the http server being cross-site scripting(xss) safe for most > cases, need confirmation if xss filtering/prevention measures still need to > be implemented on the application end.. Yes. Your 99% of the time your application reads input and creates output, so it needs to be where you're concerned with XSS. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx The information contained in this electronic communication is intended solely for the individual(s) or entity to which it is addressed. It may contain proprietary, confidential and/or legally privileged information. Any review, retransmission, dissemination, printing, copying or other use of, or taking any action in reliance on the contents of this information by person(s) or entities other than the intended recipient is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us by responding to this email or telephone and immediately and permanently delete all copies of this message and any attachments from your system(s). The contents of this message do not necessarily represent the views or policies of Aditya Birla Group. Computer viruses can be transmitted via email. Aditya Birla Group Companies attempts to sweep e-mails and attachments for viruses, it does not guarantee that either are virus free. The recipient should check this email and any attachments for the presence of viruses. Aditya Birla Group does not accept any liability for any damage sustained as a result of viruses. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|