protect jsp pages againt xss

前端 未结 3 1043
悲哀的现实
悲哀的现实 2021-02-11 05:57

i want to protect my website form xss, and i want to assure that all my data are correct and consistent, so i don\'t want to allow to add any scripts to my db, that\'s because m

3条回答
  •  醉梦人生
    2021-02-11 06:34

    Use some Filter to sanitize HTTP request data.

    You may go for jsoup, it is very handy:

    String unsafe = "

    Link

    "; String safe = Jsoup.clean(unsafe, Whitelist.basic()); // now:

    Link

    Ref: http://jsoup.org/cookbook/cleaning-html/whitelist-sanitizer

提交回复
热议问题