How to sanitize and validate user input to pass a Checkmarx scan

前端 未结 2 1811
暖寄归人
暖寄归人 2021-02-20 17:06

I have an endpoint that receives a String from the client as seen below:

@GET
@Path(\"/{x}\")
public Response doSomething(@PathParam(\"x\") String x) {
    Stri         


        
相关标签:
2条回答
  • 2021-02-20 17:50

    HtmlUtils from spring-web got the job done with:

    HtmlUtils.htmlEscape(x)

    Maven dependency:

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-web</artifactId>
        <version>5.1.7.RELEASE</version>
    </dependency>
    
    0 讨论(0)
  • 2021-02-20 17:51

    in .Net framework > 4.0 use AntiXSS

    AntiXssEncoder.HtmlEncode()

    0 讨论(0)
提交回复
热议问题