anti-xss library for ruby?

F

Florian Groß

Florian said:
Does anybody know a ruby anti-xss library that passes all the cases
described in the xss cheat sheet (http://ha.ckers.org/xss.html)?
Click to expand...

I've been an advocate of whitelisting before, but after reading this I
would never again use anything else. Don't even try doing blacklisting.
It won't work.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

XSS and HttpServletRequest.getQueryString 0
[ANN] JRuby 1.4.1 - Fixes XSS Vulnerability in JRuby 1.4.0 -Recommended Upgrade 0
[ANN] Ruby 1.9.1-p430 is out 0
how does recaptcha get around XSS protection? 6
[Security] [ANN] Loofah has an HTML injection / XSS vulnerability,please upgrade to 0.4.6 0
simple xss question 4
[ANN] loofah 0.4.0 Released 0
[ANN] loofah 0.4.7 Released 1

Members online

Total: 514 (members: 2, guests: 512)
Robots: 109

Forum statistics

Threads
474,201
Messages
2,571,048
Members
47,650
Latest member
IanTylor5

Latest Threads

Top