httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <>
Subject Re: [users@httpd] Cross-site scripting implementation
Date Thu, 15 Dec 2011 06:46:52 GMT
On Thu, Dec 15, 2011 at 2:17 PM, Saeedahmed Subedar
<> wrote:
> Inspite of the http server being cross-site scripting(xss) safe for most
> cases, need confirmation if xss filtering/prevention measures still need to
> be implemented on the application end..

Yes.  Your 99% of the time your application reads input and creates
output, so it needs to be where you're concerned with XSS.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message