perl-embperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pete Moran" <p...@uniplexds.co.uk>
Subject Cross Site Scripting
Date Tue, 24 Jan 2006 12:29:33 GMT
I know there is probably a simple answer – according to the docs if I set
EMBPERL_ESCMODE to 4, then it should fix any cross site scripting.

However if I have a text field called guess, and pass the following line 

 

?guess=%22%3E%3Cscript%3Ealert('vorsichtfalle!')%3C/script%3E%3C%22

 

The alert will appear – how can I disable this behavior, but keep the normal
fdat form population ?

 

 


-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 267.14.22/238 - Release Date: 23/01/2006
 

Mime
View raw message