commons-user mailing list archives

From Marcelo Bello <ra992...@ic.unicamp.br>
Subject Checking if a String is both HTML and SQL safe
Date Thu, 21 Aug 2003 23:44:11 GMT

I am developing a web application that MUST be safe.

I am searching for a Java lib that can check a string to be both:

- HTML safe (replacing '<' with '&gt' etc... );
- SQL safe;

SQL safeness is critical, because strings typed by the user will be used to
generate a SQL statement. I can't allow users to input a "malicious"
string that would end up allowing them to execute arbitrary SQL
statements.

Anyone know where I could find a Java lib for that?

If not, then consider this email as a suggestion.

Best Regards,

Marcelo Bello

